config antivirus profile
Configure AntiVirus profiles.
config antivirus profile
Description: Configure AntiVirus profiles.
edit <name>
set comment {var-string}
set replacemsg-group {string}
set feature-set [flow|proxy]
set ftgd-analytics [disable|suspicious|...]
set analytics-max-upload {integer}
set analytics-wl-filetype {integer}
set analytics-bl-filetype {integer}
set analytics-db [disable|enable]
set mobile-malware-db [disable|enable]
config http
Description: Configure HTTP AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set outbreak-prevention [disabled|files|...]
set content-disarm [disable|enable]
end
config ftp
Description: Configure FTP AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set outbreak-prevention [disabled|files|...]
end
config imap
Description: Configure IMAP AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set executables [default|virus]
set outbreak-prevention [disabled|files|...]
set content-disarm [disable|enable]
end
config pop3
Description: Configure POP3 AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set executables [default|virus]
set outbreak-prevention [disabled|files|...]
set content-disarm [disable|enable]
end
config smtp
Description: Configure SMTP AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set executables [default|virus]
set outbreak-prevention [disabled|files|...]
set content-disarm [disable|enable]
end
config mapi
Description: Configure MAPI AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set executables [default|virus]
set outbreak-prevention [disabled|files|...]
end
config nntp
Description: Configure NNTP AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set outbreak-prevention [disabled|files|...]
end
config cifs
Description: Configure CIFS AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set outbreak-prevention [disabled|files|...]
end
config ssh
Description: Configure SFTP and SCP AntiVirus options.
set options {option1}, {option2}, ...
set archive-block {option1}, {option2}, ...
set archive-log {option1}, {option2}, ...
set emulator [enable|disable]
set outbreak-prevention [disabled|files|...]
end
config nac-quar
Description: Configure AntiVirus quarantine settings.
set infected [none|quar-src-ip]
set expiry {user}
set log [enable|disable]
end
config outbreak-prevention
Description: Configure Virus Outbreak Prevention settings.
set ftgd-service [disable|enable]
set external-blocklist [disable|enable]
end
config content-disarm
Description: AV Content Disarm and Reconstruction settings.
set original-file-destination [fortisandbox|quarantine|...]
set error-action [block|log-only|...]
set office-macro [disable|enable]
set office-hylink [disable|enable]
set office-linked [disable|enable]
set office-embed [disable|enable]
set office-dde [disable|enable]
set office-action [disable|enable]
set pdf-javacode [disable|enable]
set pdf-embedfile [disable|enable]
set pdf-hyperlink [disable|enable]
set pdf-act-gotor [disable|enable]
set pdf-act-launch [disable|enable]
set pdf-act-sound [disable|enable]
set pdf-act-movie [disable|enable]
set pdf-act-java [disable|enable]
set pdf-act-form [disable|enable]
set cover-page [disable|enable]
set detect-only [disable|enable]
end
set av-virus-log [enable|disable]
set av-block-log [enable|disable]
set extended-log [enable|disable]
set scan-mode [default|legacy]
next
end
config antivirus profile
|
Parameter name |
Description |
Type |
Size |
||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
comment |
Comment. |
var-string |
Maximum length: 255 |
||||||||
|
replacemsg-group |
Replacement message group customized for this profile. |
string |
Maximum length: 35 |
||||||||
|
feature-set |
Flow/proxy feature set. |
option |
- |
||||||||
|
|
|
||||||||||
|
ftgd-analytics |
Settings to control which files are uploaded to FortiSandbox. |
option |
- |
||||||||
|
|
|
||||||||||
|
analytics-max-upload |
Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes, default = 10). |
integer |
Minimum value: 1 Maximum value: 6446 |
||||||||
|
analytics-wl-filetype |
Do not submit files matching this DLP file-pattern to FortiSandbox. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
||||||||
|
analytics-bl-filetype |
Only submit files matching this DLP file-pattern to FortiSandbox. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
||||||||
|
analytics-db |
Enable/disable using the FortiSandbox signature database to supplement the AV signature databases. |
option |
- |
||||||||
|
|
|
||||||||||
|
mobile-malware-db |
Enable/disable using the mobile malware signature database. |
option |
- |
||||||||
|
|
|
||||||||||
|
av-virus-log |
Enable/disable AntiVirus logging. |
option |
- |
||||||||
|
|
|
||||||||||
|
av-block-log |
Enable/disable logging for AntiVirus file blocking. |
option |
- |
||||||||
|
|
|
||||||||||
|
extended-log |
Enable/disable extended logging for antivirus. |
option |
- |
||||||||
|
|
|
||||||||||
|
scan-mode |
Choose between default scan mode and legacy scan mode. |
option |
- |
||||||||
|
|
|
||||||||||
config http
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
content-disarm |
Enable Content Disarm and Reconstruction for this protocol. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config ftp
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable FTP AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config imap
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
executables |
Treat Windows executable files as viruses for the purpose of blocking or monitoring. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
content-disarm |
Enable Content Disarm and Reconstruction for this protocol. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config pop3
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
executables |
Treat Windows executable files as viruses for the purpose of blocking or monitoring. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
content-disarm |
Enable Content Disarm and Reconstruction for this protocol. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config smtp
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
executables |
Treat Windows executable files as viruses for the purpose of blocking or monitoring. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
content-disarm |
Enable Content Disarm and Reconstruction for this protocol. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config mapi
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
executables |
Treat Windows executable files as viruses for the purpose of blocking or monitoring. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config nntp
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config cifs
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable CIFS AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config ssh
|
Parameter name |
Description |
Type |
Size |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
options |
Enable/disable SFTP and SCP AntiVirus scanning, monitoring, and quarantine. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-block |
Select the archive types to block. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
archive-log |
Select the archive types to log. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
emulator |
Enable/disable the virus emulator. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
|
outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
||||||||||||||||||||
|
|
|
||||||||||||||||||||||
config nac-quar
|
Parameter name |
Description |
Type |
Size |
||||||
|---|---|---|---|---|---|---|---|---|---|
|
infected |
Enable/Disable quarantining infected hosts to the banned user list. |
option |
- |
||||||
|
|
|
||||||||
|
expiry |
Duration of quarantine. |
user |
Not Specified |
||||||
|
log |
Enable/disable AntiVirus quarantine logging. |
option |
- |
||||||
|
|
|
||||||||
config outbreak-prevention
|
Parameter name |
Description |
Type |
Size |
||||||
|---|---|---|---|---|---|---|---|---|---|
|
ftgd-service |
Enable/disable FortiGuard Virus outbreak prevention service. |
option |
- |
||||||
|
|
|
||||||||
|
external-blocklist |
Enable/disable external malware blocklist. |
option |
- |
||||||
|
|
|
||||||||
config content-disarm
|
Parameter name |
Description |
Type |
Size |
||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
original-file-destination |
Destination to send original file if active content is removed. |
option |
- |
||||||||
|
|
|
||||||||||
|
error-action |
Action to be taken if CDR engine encounters an unrecoverable error. |
option |
- |
||||||||
|
|
|
||||||||||
|
office-macro |
Enable/disable stripping of macros in Microsoft Office documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
office-hylink |
Enable/disable stripping of hyperlinks in Microsoft Office documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
office-linked |
Enable/disable stripping of linked objects in Microsoft Office documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
office-embed |
Enable/disable stripping of embedded objects in Microsoft Office documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
office-dde |
Enable/disable stripping of Dynamic Data Exchange events in Microsoft Office documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
office-action |
Enable/disable stripping of PowerPoint action events in Microsoft Office documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-javacode |
Enable/disable stripping of JavaScript code in PDF documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-embedfile |
Enable/disable stripping of embedded files in PDF documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-hyperlink |
Enable/disable stripping of hyperlinks from PDF documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-act-gotor |
Enable/disable stripping of PDF document actions that access other PDF documents. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-act-launch |
Enable/disable stripping of PDF document actions that launch other applications. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-act-sound |
Enable/disable stripping of PDF document actions that play a sound. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-act-movie |
Enable/disable stripping of PDF document actions that play a movie. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-act-java |
Enable/disable stripping of PDF document actions that execute JavaScript code. |
option |
- |
||||||||
|
|
|
||||||||||
|
pdf-act-form |
Enable/disable stripping of PDF document actions that submit data to other targets. |
option |
- |
||||||||
|
|
|
||||||||||
|
cover-page |
Enable/disable inserting a cover page into the disarmed document. |
option |
- |
||||||||
|
|
|
||||||||||
|
detect-only |
Enable/disable only detect disarmable files, do not alter content. |
option |
- |
||||||||
|
|
|
||||||||||