FortiGuard content disarm and reconstruction

Content Disarm and Reconstruction (CDR) removes exploitable content and replaces it with content that's known to be safe. As files are processed through an enabled AntiVirus profile, content that's found to be malicious or unsafe is replaced with content that allows the traffic to continue, but doesn't put the recipient at risk.

Content that can be scanned includes PDF and Microsoft Office files leaving the network on CDR-supported protocols (such as, HTTP web download, SMTP email send, IMAP and POP3 email retrieval—MAPI isn't supported).

This feature works even if FortiSandbox is not configured, but only if you want to discard the original file. If FortiSandbox is configured and it responds that the file is clean, it passes the content unmodified.

For more information, see Content Disarm and Reconstruction (CDR).