Fortinet FortiGate 4000 Switch User Manual


 
284 Fortinet Inc.
File blocking Antivirus protection
By default, when blocking is enabled, the FortiGate unit blocks the following file
patterns:
executable files (*.bat, *.com, and *.exe)
compressed or archive files (*.gz, *.rar, *.tar, *.tgz, and *.zip)
dynamic link libraries (*.dll)
HTML application (*.hta)
Microsoft Office files (*.doc, *.ppt, *.xl?)
Microsoft Works files (*.wps)
Visual Basic files (*.vb?)
screen saver files (*.scr)
Blocking files in firewall traffic
Use content profiles to apply file blocking to HTTP, FTP, POP3, IMAP, and SMTP
traffic controlled by firewall policies.
To block files in firewall traffic
1 Select file blocking in a content profile.
See “Adding content profiles” on page 224.
2 Add this content profile to firewall policies to apply content blocking to the traffic
controlled by the firewall policy.
See “Adding content profiles to policies” on page 226.
Adding file patterns to block
To add file patterns to block
1 Go to Anti-Virus > File Block.
2 Select New.
3 Type the new pattern in the File Pattern field.
You can use an asterisk (*) to represent any characters and a question mark (?) to
represent any single character. For example, *.dot blocks Microsoft Word template
files and *.do? blocks both Microsoft Word template files and document files.
4 Select the check box beside the traffic protocols for which you want to enable blocking
of this file pattern.
5 Select OK.