jasonsig
New Contributor

Malware

What mechanism on the fortigate does malware detection?
Dipen
New Contributor III

The antivirus UTM feature does malware scanning for traffic flowing via the Fortigate. You need to define an antivirus UTM profile and apply it to the respective policies. The Fortigate works like a gateway antivirus. It has an AV engine and a signature database which is updated regularly.

Ahead of the Threat. FCNSA v5 / FCNSP v5

Fortigate 1000C / 1000D / 1500D

Sean_Toomey_FTNT

Adding some info here: You will want to enable AV as well as Web Filtering, blocking the "Security Risk" category. You may also want to block Botnet under your AV profile, as well as under an Application Security Profile.

There are several improvements in FortiOS 5.2 related to Antivirus, please consider upgrading your installation to the latest patch. Also, in 5.2 the "flow" method is much improved to the point where it is as effective (or nearly so) as proxy mode. This gives you a healthy boost in performance and capacity since AV is one of the hardest hitting protections on the box. Please consider using flow mode for all of the UTM profiles you enable.

You might also consider enabling grayware detection if that is important to you:

config antivirus settings
    set grayware enable
end

Hope this helps. Cheers!
-- Sean Toomey, CISSP FCNSP Consulting Security Engineer (CSE) FORTINET— High Performance Network Security