Created on 06-11-2010 11:56 AM
Has anyone already used it? What are some recommendations for use? How to configure it? Should it replace the classical form of scanning? What problems and shortcomings can be found?
< Message edited by roms -- 6/11/2010 12:38:48 PM >

UTM - Antivirus - Database - Click Flow-Based.... it does the rest.
The most expensive and scarce resource for man is time, paradoxically, it's infinite.

If your FortiGate unit supports flow-based antivirus scanning, you can choose to select it instead of proxy-based antivirus scanning. Flow-based antivirus scanning uses the FortiGate IPS engine to examine network traffic for viruses, worms, trojans, and malware, without the need to buffer the file being checked. The advantages of flow-based scanning include faster scanning and no maximum file size. Flow-based scanning doesn’t require the file be buffered so it is scanned as it passes through the FortiGate unit, packet-by-packet. This eliminates the maximum file size limit and the client begins receiving the file data immediately.

The trade-off for these advantages is that flow-based scans detect a smaller number of infections. Viruses in documents, packed files, and some archives are less likely to be detected because the scanner can only examine a small portion of the file at any moment.

Note however that your choice of flow-based or proxy-based scans only affects antivirus scans. Although you enable file filtering in the antivirus profile, it requires that files be proxied. Therefore, if you enable both flow-based antivirus scanning and file filtering, files will not be proxied for antivirus scans, but they will be proxied for file filtering.

and page 46
The flow-based database is a subset of the extreme database. Flow-based scans cannot detect polymorphic and packed-file viruses, so those signatures are not included in the flow-based database.
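
A simplified model of the trade-off quoted in the reply above, as an added example that is not part of the original thread and is not Fortinet's implementation. It assumes a constructed test marker as the signature, a hypothetical 64 KB proxy buffer limit, and zlib compression as a stand-in for packed files and archives; all function names are illustrative.

```python
import zlib

SIGNATURE = b"CONSTRUCTED-TEST-SIGNATURE"   # constructed marker, not a real malware pattern
MAX_BUFFER = 64 * 1024                      # hypothetical proxy buffer limit (bytes)

def flow_scan(chunks, sig=SIGNATURE):
    """Scan packet-sized chunks as they pass; keep only len(sig)-1 bytes of state."""
    tail = b""
    for chunk in chunks:
        window = tail + chunk
        if sig in window:
            return True
        tail = window[-(len(sig) - 1):]     # carry-over so a match split across chunks is seen
    return False

def proxy_scan(chunks, sig=SIGNATURE, max_buffer=MAX_BUFFER):
    """Buffer the whole file, unpack it if it is zlib-compressed, then match."""
    data = bytearray()
    for chunk in chunks:
        data += chunk
        if len(data) > max_buffer:
            return None                     # oversize: cannot be buffered, so not scanned
    try:
        data = zlib.decompress(data)        # stands in for archive/packer handling
    except zlib.error:
        pass                                # not compressed; scan as received
    return sig in data

def packets(data, size=16):
    """Split a payload into small chunks to imitate packet-by-packet delivery."""
    return [data[i:i + size] for i in range(0, len(data), size)]

# Constructed sample payloads.
plain = b"A" * 40 + SIGNATURE + b"B" * 40         # marker in the clear
packed = zlib.compress(plain)                     # same content, compressed
large = b"A" * (MAX_BUFFER + 1) + SIGNATURE       # larger than the proxy buffer

if __name__ == "__main__":
    for name, payload in (("plain", plain), ("packed", packed), ("large", large)):
        print(name, "flow:", flow_scan(packets(payload)),
              "proxy:", proxy_scan(packets(payload)))
```

The streaming scanner has no size limit but misses the compressed copy, while the buffering scanner unpacks it but gives up on the oversize file.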

ORIGINAL: Selective
And the best thing is that you can choose what antivirus db you want per firewall policy :)

How are you achieving this? On my 620B running 4.0 MR2P1 the Virus DB option looks to be set per VDOM.

Thanks,
David