Fortigate | Fortinet Antivirus

Hello,

 

In this post I will talk about the AntiVirus feature of the FortiGate. Since the Fortinet firewall has a lot of features, it is normal that AntiVirus is one of them.


The Antivirus processing goes as follows:

1. File Filter – first it checks whether the file matches a file filter defined by you. Ex: block any “.exe” files

2. Virus Scan – it then scans the file for known viruses

3. Grayware – it scans the file for grayware applications

4. Heuristics – it scans the file using heuristic algorithms

 

The File Filter is composed of 3 main tasks:

1. File Pattern (name, extension etc)

2. File Type (pattern checking)

3. Actions (Allow or Block the file)
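
The three parts of the File Filter, modelled in a short Python sketch (an added example, not FortiOS code or configuration from this post). The rule lists, the top-down first-match ordering, the default action and the sample files are assumptions constructed for illustration; the sketch shows why a File Type check catches a renamed executable that a File Pattern check alone lets through.

```python
import fnmatch

# Well-known magic bytes, used here for the "File Type" check.
MAGIC = {"exe": b"MZ", "pdf": b"%PDF-", "zip": b"PK\x03\x04", "elf": b"\x7fELF"}

def detect_type(data: bytes) -> str:
    """Identify a file by its leading bytes, ignoring its name."""
    for name, magic in MAGIC.items():
        if data.startswith(magic):
            return name
    return "unknown"

# Hypothetical filter list: (kind, value, action). Assumed to be evaluated
# top-down, first match wins.
FULL_FILTER = [
    ("pattern", "*.exe", "block"),
    ("type", "exe", "block"),
    ("pattern", "*.pdf", "allow"),
]
NAME_ONLY_FILTER = [("pattern", "*.exe", "block")]

def file_filter(filename, data, rules=FULL_FILTER, default="allow"):
    """Return (action, matching_rule); matching_rule is None on default."""
    ftype = detect_type(data)
    for kind, value, action in rules:
        if kind == "pattern" and fnmatch.fnmatchcase(filename.lower(), value.lower()):
            return action, (kind, value)
        if kind == "type" and ftype == value:
            return action, (kind, value)
    return default, None

# Constructed sample files (name, first bytes of content).
EXE_BYTES = b"MZ\x90\x00\x03\x00"
PDF_BYTES = b"%PDF-1.7\n"
SAMPLES = [
    ("setup.exe", EXE_BYTES),
    ("invoice.pdf", EXE_BYTES),   # executable content under a .pdf name
    ("report.pdf", PDF_BYTES),
]

if __name__ == "__main__":
    for name, data in SAMPLES:
        print(name, "full:", file_filter(name, data),
              "name-only:", file_filter(name, data, NAME_ONLY_FILTER))
```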


 

A simple definition of grayware: unsolicited software programs that get installed on computers, often without the user's approval or knowledge.

 

If the FortiGate has an HDD and the file being scanned matches any of the criteria explained above, it will move the file to Quarantine. If the FortiGate does not have an HDD, it can move quarantined files to a FortiAnalyzer.


 

The AntiVirus feature can have the following options:

a. Proxy Splicing – sends some of the response to the client, which prevents the client from dropping the packet because it did not receive an ACK for the request it sent. This is normally used for FTP, POP3, IMAP and SMTP traffic.

b. Client Comforting – gives information to the user about the process of Proxy Splicing. This is mainly used for FTP and HTTP.

 

Please let me know if you have any questions.

Thanks.

 
