Antivirus protection
File blocking
FortiGate-50 Installation and Configuration Guide
205
File blocking
Enable file blocking to remove all files that pose a potential threat and to provide the
best protection from active computer virus attacks. Blocking files is the only protection
available from a virus that is so new that antivirus scanning cannot detect it. You
would not normally run the FortiGate unit with blocking enabled. However, it is
available for extremely high-risk situations in which there is no other way to prevent
viruses from entering your network.
File blocking deletes all files that match a list of enabled file patterns. The FortiGate
unit replaces the file with an alert message that is forwarded to the user. The
FortiGate unit also writes a message to the virus log and sends an alert email if it is
configured to do so.
By default, when blocking is enabled, the FortiGate unit blocks the following file
patterns:
• executable files (*.bat, *.com, and *.exe)
• compressed or archive files (*.gz, *.rar, *.tar, *.tgz, and *.zip)
• dynamic link libraries (*.dll)
• HTML application (*.hta)
• Microsoft Office files (*.doc, *.ppt, *.xl?)
• Microsoft Works files (*.wps)
• Visual Basic files (*.vb?)
• screen saver files (*.scr)
Blocking files in firewall traffic
Use content profiles to apply file blocking to HTTP, FTP, POP3, IMAP, and SMTP
traffic controlled by firewall policies.
1
Select file blocking in a content profile.
See
“Adding a content profile” on page 141
.
2
Add this content profile to firewall policies to apply content blocking to the traffic
controlled by the firewall policy.
See
“Adding a content profile to a policy” on page 142
.
Adding file patterns to block
1
Go to
Anti-Virus > File Block
.
2
Select New.
3
Type the new pattern in the File Pattern field.
You can use an asterisk (*) to represent any characters and a question mark (?) to
represent any single character. For example,
*.dot
blocks Microsoft Word template
files and *.do? blocks both Microsoft Word template files and document files.
4
Select the check box beside the traffic protocols for which you want to enable blocking
of this file pattern.
5
Select OK.
Note:
If both blocking and scanning are enabled, the FortiGate unit blocks files that
match enabled file patterns and does not scan these files for viruses.
Содержание FortiGate FortiGate-50
Страница 16: ...16 Fortinet Inc Customer service and technical support Introduction...
Страница 32: ...32 Fortinet Inc Next steps Getting started...
Страница 40: ...40 Fortinet Inc Completing the configuration NAT Route mode installation...
Страница 88: ...88 Fortinet Inc Registering a FortiGate unit after an RMA Virus and attack definitions updates and registration...
Страница 112: ...112 Fortinet Inc Customizing replacement messages System configuration...
Страница 144: ...144 Fortinet Inc Content profiles Firewall configuration...
Страница 202: ...202 Fortinet Inc Logging attacks Network Intrusion Detection System NIDS...
Страница 216: ...216 Fortinet Inc Exempt URL list Web filtering...
Страница 228: ...228 Fortinet Inc Configuring alert email Logging and reporting...
Страница 232: ...232 Fortinet Inc Glossary...