# config firewall profile-protocol-optionsTo configure SCP block and log options.
edit "protocol"
# config ssh
set options [oversize | clientcomfort | servercomfort]
set comfort-interval [1 - 900]
set comfort-amount [1 - 65535]
set oversize-limit [1 - 798]
set uncompressed-oversize-limit [0 - 798]
set uncompressed-nest-limit [2 - 100]
set scan-bzip2 [enable | disable]
end
next
end
# config ssh-filter profileTo configure the DLP sensor.
edit "ssh-test"
set block scp
set log scp
next
end
# config dlp sensorTo configure the antivirus profile options.
edit "test"
set full-archive-proto ssh
set summary-proto ssh
# config filter
edit 1
set proto ssh
next
end
next
end
# config antivirus profileTo configure the antivirus quarantine options.
edit "av"
# config ssh
set options [scan | avmonitor | quarantine]
set archive-block [encrypted | corrupted | partiallycorrupted | multipart | nested | mailbomb | fileslimit | timeout | unhandled]
set archive-log [encrypted | corrupted | partiallycorrupted | multipart | nested | mailbomb | fileslimit | timeout | unhandled]
set emulator [enable | disable]
set outbreak-prevention [disabled | files | full-archive]
end
next
end
# config antivirus quarantine
set drop-infected ssh
set store-infected ssh
set drop-blocked ssh
set store-blocked ssh
set drop-heuristic ssh
set store-heuristic ssh
end