Enable Antivirus steps - CLI based
You need to configure the scan option for each type of traffic you want scanned.
1. 1. Configure the Antivirus profile
config antivirus profile
edit "default"
set comment "scan and delete virus"
set replacemsg-group ''
set scan-botnet-connections block
set ftgd-analytics suspicious
config http
set options scan
end
config ftp
set options scan
end
config imap
set options scan
end
config pop3
set options scan
end
config smtp
set options scan
end
config nntp
set options scan
end
config smb
set options scan
end
end
2. Add the Antivirus profile to the Fortigate firewall security policy. When using the CLI, you will need to know the policy ID number.
config firewall policy
edit <policy ID number>
set av-profile default
set profile-protocol-options default
end