I have a fortigate 60e and enabled antivirus security profile on my ipv4 policy thinking this would do some sort of antivirus on the firewall? But looking further into it wonder is this forcing the forticlinet to act as antivirus on the end user pcs as it seems to be doing a scans. I have an antivirus already on the machines so dont want them interfering with one another. The reason I have forticlient is because we use it for the vpn. Also is th192.168.1.254e Application Control worth enabling as users only have limited software on their machines?10.0.0.0.1
Hi mikipetri74,
I don't think anyone responded to you on this topic- I'd hate you to think the Fortinet Forum's aren't able to help you!
The Fortigates are full UTM applicances. So yes, correctly setup, they will scan all incoming and outgoing traffic for viruses.
FortiClient is completely separate, but will integrate with the FortiGate to provided end to end visibility of traffic as part of the Fortinet Security Fabric. Again, that depends on setup and depending on your software versions will likely require FortiClient EMS to manage the FortiClient endpoint protection.
To configure antivirus scanning requires the correct licences and then an anti-virus profile added to your ipv4 (or ipv6) policy. It's pretty simple to setup and the https://docs.fortinet.com/ site has pretty good documentation to describe how it all works.
There are some catches of course- the Fortigate can't look inside encrypted connections by default. So an HTTPS sessions (for example) may allow a virus to bypass the Fortigate anti-virus scanning. You can get around this by using "deep- inspection" which intercepts the connection and allows scanning. It can be problematic though- and will break sites that use certificate pinning (for example).
The Fortigate will also by default only scan "small" files. Again, this is dependent on config but I think is 10MB file size by default- generally that isn't an issue as most viruses are small in size.
But, with all that said- the Fortigate is a great way to protect yourself or your business from threats including viruses.
It sounds like you also need to read up on the other capabilities- for example application control and intrusion detection- these are also important features to protect your network (again, plenty of detail on the docs sites).
Good luck.
Kind Reagrds,
Andy.
https://www-192-168-0-1.com/ NICE ONE GOOD POST
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.