Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
CAD
Contributor

Created on ‎09-25-2016 11:02 PM

enable heuristic&quarantine

Hello all,

I am running firmware 5.2.8

 

what the benefit and impact of enable "heuristic quarantine" in Antivirus profile?

What do I need to do it?

 

Thanks

6220
0 Kudos
1 Solution
oheigl
Contributor II
In response to CAD

Created on ‎10-24-2016 06:58 AM

Hello CAD,

 

maybe you could try to read the admin guide before asking these kind of questions (Handbook 5.4, Page 2112), or is this information not enough for you?:

 

Heuristics After an incoming file has passed the grayware scan, it is subjected to the heuristics scan. The FortiGate heuristic antivirus engine, if enabled, performs tests on the file to detect virus-like behavior or known virus indicators. In this way, heuristic scanning may detect new viruses, but may also produce some false positive results. You configure heuristics from the CLI. To set heuristics, enter the following in the CLI: config antivirus heuristic set mode {pass |block |disable} end l “block” enables heuristics and any files determined to be malware are blocked from entering the network. l “pass” enables heuristics but any files determined to be malware are still allowed to pass through to the recipient. l “disable” turns off heuristics.

View solution in original post

2973
0 Kudos
5 REPLIES 5
CAD
Contributor

Created on ‎09-26-2016 11:47 PM

Any insight ?

2928
0 Kudos
CAD
Contributor
In response to CAD

Created on ‎10-12-2016 11:43 PM

any advise please?

2928
0 Kudos
oheigl
Contributor II
In response to CAD

Created on ‎10-24-2016 06:58 AM

Hello CAD,

 

maybe you could try to read the admin guide before asking these kind of questions (Handbook 5.4, Page 2112), or is this information not enough for you?:

 

Heuristics After an incoming file has passed the grayware scan, it is subjected to the heuristics scan. The FortiGate heuristic antivirus engine, if enabled, performs tests on the file to detect virus-like behavior or known virus indicators. In this way, heuristic scanning may detect new viruses, but may also produce some false positive results. You configure heuristics from the CLI. To set heuristics, enter the following in the CLI: config antivirus heuristic set mode {pass |block |disable} end l “block” enables heuristics and any files determined to be malware are blocked from entering the network. l “pass” enables heuristics but any files determined to be malware are still allowed to pass through to the recipient. l “disable” turns off heuristics.

2974
0 Kudos
CAD
Contributor
In response to oheigl

Created on ‎10-24-2016 07:07 AM

Thanks for response and for this information.

2928
0 Kudos
MikePruett
Valued Contributor
In response to CAD

Created on ‎10-31-2016 09:46 AM

Word. Handbook is a one stop shop for TONS of FortiGate / FortiOS information. The heuristics scanner can come in handy depending on the application and placement of the Gate in the network.

Mike Pruett

Fortinet GURU | Fortinet Training Videos

Mike Pruett Fortinet GURU | Fortinet Training Videos
2928
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.