Created on 03-31-2022 06:02 AM Edited on 01-30-2024 02:20 AM By Kate_M
Description | This article describes how to Quarantine/ban a Source IP for Anti Virus. |
Scope |
FortiGate |
Solution |
Configure the AntiVirus security profile to add the source IP of an infected file or malware sender to the quarantine or list of banned source IP addresses in the CLI
# config antivirus profile # edit <name of profile> # config nac-quar # set infected quar-src-ip # set expiry 5m # end
This variable (quar-src-ip) determines for how long the source IP address will be blocked.
In the CLI the option is called expiry. The maximum day's value is 364. The maximum hour value is 23 and the maximum minute value is 59. The default is 5 minutes.
CLI: https://docs.fortinet.com/document/fortigate/6.0.0/cli-reference/805277/antivirus-profile |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.