Fortinet black logo

Administration Guide

Scan Profile Pre-Filter Tab

Copy Link
Copy Doc ID 4f5c3194-0b50-11ec-a4c4-00505692583a:711860
Download PDF

Scan Profile Pre-Filter Tab

Use the Job Queue page to define file types and URLs that are allowed to enter the job queue if they are from a sniffer, adapter, or device other than FortiMail.

Files or URLs submitted through On-Demand, RPC JSON API, network share, or FortiMail are always put into the job queue even if their file types are not set to enter the job queue.

For unsupported or disabled file types, those files are dropped and rated as clean.

To allow a file type to enter the job queue:

Click its toggle button to enable it. If the button is greyed out, files of that type are dropped.

To enable pre-filter for selected file types:

Click its toggle button to enable it. If the button is enabled, files of that type are pre-filtered.

To use trust results from trusted resources during pre-filter:

Click its toggle button to enable it. If the button is enabled, files rated by that resources are pre-filtered.

When FortiAI entrust is enabled, files rated by FortiAI as clean skip the sandboxing VM scan step.

When Trusted Vendor is enabled, executable files from a small internal list of trusted vendors skip the sandboxing scan step.

When Trust Domain is enabled, files downloaded from a small internal list of trusted domains skip the sandboxing scan step.

If there is a long queue of pending jobs, consider turning off some file types to the job queue. For example, in most networks, many files are static web files (JavaScript, html, aspx files) and Adobe Flash files. When you have performance issue, consider turning them off.

If a file type is turned off, files of that type already in the job queue will still be processed. You can use the pending-jobs command or Scan Job > Job Queue page to purge them.

To determine the number of each file type and its input source, use the pending-jobs command or the Scan Job > Job Queue page.

Scan Profile Pre-Filter Tab

Use the Job Queue page to define file types and URLs that are allowed to enter the job queue if they are from a sniffer, adapter, or device other than FortiMail.

Files or URLs submitted through On-Demand, RPC JSON API, network share, or FortiMail are always put into the job queue even if their file types are not set to enter the job queue.

For unsupported or disabled file types, those files are dropped and rated as clean.

To allow a file type to enter the job queue:

Click its toggle button to enable it. If the button is greyed out, files of that type are dropped.

To enable pre-filter for selected file types:

Click its toggle button to enable it. If the button is enabled, files of that type are pre-filtered.

To use trust results from trusted resources during pre-filter:

Click its toggle button to enable it. If the button is enabled, files rated by that resources are pre-filtered.

When FortiAI entrust is enabled, files rated by FortiAI as clean skip the sandboxing VM scan step.

When Trusted Vendor is enabled, executable files from a small internal list of trusted vendors skip the sandboxing scan step.

When Trust Domain is enabled, files downloaded from a small internal list of trusted domains skip the sandboxing scan step.

If there is a long queue of pending jobs, consider turning off some file types to the job queue. For example, in most networks, many files are static web files (JavaScript, html, aspx files) and Adobe Flash files. When you have performance issue, consider turning them off.

If a file type is turned off, files of that type already in the job queue will still be processed. You can use the pending-jobs command or Scan Job > Job Queue page to purge them.

To determine the number of each file type and its input source, use the pending-jobs command or the Scan Job > Job Queue page.