Antivirus protection File blocking
FortiGate-4000 Installation and Configuration Guide 283
Figure 82: Example content profile for virus scanning
File blocking
Enable file blocking to remove all files that are a potential threat and to provide the
best protection from active computer virus attacks. Blocking files is the only protection
from a virus that is so new that antivirus scanning cannot detect it. You would not
normally operate the FortiGate unit with blocking enabled. However, it is available for
extremely high-risk situations in which there is no other way to prevent viruses from
entering your network.
File blocking deletes all files that match a list of enabled file patterns. The FortiGate
unit replaces the file with an alert message that is forwarded to the user. The
FortiGate unit also writes a message to the virus log and sends an alert email if it is
configured to do so.
Note: If both blocking and scanning are enabled, the FortiGate unit blocks files that match
enabled file patterns and does not scan these files for viruses.