Antivirus Profiles
From Security Profiles > Antivirus > Profile you can configure antivirus profiles that are then applied to firewall policies. A profile is specific configuration information that defines how the traffic within a policy is examined and what action may be taken based on the examination.
You can create multiple antivirus profiles for different antivirus scanning requirements. For example, you create an antivirus profile that specifies only virus scanning for POP3 which you then apply to the out-going firewall policy. You can also choose specific protocols, such as POP3, that will be blocked and then archived by the unit. This option is available only in the CLI.
Within antivirus profiles, you can also choose specific protocols to be blocked and then archive them. This is available only in the CLI.
To enable antivirus scanning — web-based manager
1. Go to Security Profiles > AntiVirus > Profile.
2. View and optionally change the default antivirus profile.
• You can also select Create New to create a new antivirus profile, or select an existing antivirus profile and choose Edit.
3. Select the inspection and the traffic you want scanned for viruses.
4. Select OK.
5. Go to Policy > Policy > Policy and either add or select the security policy that accepts the traffic to be virus scanned.
6. Turn on antivirus and select the profile that you configured.
7. Select OK to save the security policy.
To enable antivirus scanning — CLI
You need to configure the scan option for each type of traffic you want scanned. In this example, antivirus scanning of HTTP traffic is enabled in the profile.
config antivirus profile
edit default
config http
set options scan
end
end
Then enter a command similar to the following to add the default antivirus profile to a security policy.
config firewall policy
edit 0
set srcintf internal
set dstintf wan1
set srcaddr all
set dstaddr all
set schedule always
set service ALL
set action allow
set utm-status enable
set av-profile default
end