Enabling FortiGate antivirus protection
The antivirus profile must apply AV scanning to all protocols. You also need to enable SSL inspection to include secure protocols in antivirus scanning. The extended AV database contains the largest number of virus signatures.
To create the antivirus profile
1. Go to Security Profiles > Antivirus > Profiles.
2. Edit the default predefined profile or select Create New.
3. Set Inspection Mode to Proxy.
4. Ensure that all Virus Scan and Removal check boxes are selected.
5. Select Apply.
To enable SSL inspection
1. Go to Policy > Policy > SSL Inspection.
2. Check that the Enable check box is selected for every protocol and then select Apply.
To select the extended antivirus database
The antivirus database is selectable using the CLI:
config antivirus settings
set default-db extended
end
For detailed information about the Antivirus feature, see the Security Profiles chapter of this FortiOS Handbook.