Fortinet black logo

Handbook

Anti-virus

Anti-virus

Malware and Advanced Persistent Threats (APT) can cause significant damage to the business of any organization. Malicious codes are commonly used to steal valuable data, gain unauthorized access to networks, or cause products to degrade.

Using a suite of integrated security technologies, Anti-virus (AV) solutions provide protection against a variety of threats, including both known and unknown malicious codes (Malware) and Advanced Targeted Attacks (ATA).

Integrated with the FortiOS AV engine, FortiADC provides an industry-class malware and APT detection and mitigation solution to our customers.

AV module topology illustrates how FortiADC's AV module works:

  1. Automatically updates the latest attack signatures from FortiGuard to ensure real-time protection.
  2. Submits all files, including suspicious files, to an on-premise appliance (FortiSandbox) or cloud-based service (FortiCloud Sandbox) for further analysis after performing the basic AV processing of its own.
  3. Malicious files will be dropped or quarantined, and healthy ones will be forwarded to the backend servers.

AV module topology

To use the AV module, you must

Important Notes

  • The AV feature does not support HA.
  • If FortiADC is in HA mode, you must use the default source-ip for FortiSandbox.
  • Try to limit the number of VDOMs when the AV feature is enabled. Otherwise, the capacity of quarantine may become limited.
  • All file types are supported by AV feature.

Anti-virus

Malware and Advanced Persistent Threats (APT) can cause significant damage to the business of any organization. Malicious codes are commonly used to steal valuable data, gain unauthorized access to networks, or cause products to degrade.

Using a suite of integrated security technologies, Anti-virus (AV) solutions provide protection against a variety of threats, including both known and unknown malicious codes (Malware) and Advanced Targeted Attacks (ATA).

Integrated with the FortiOS AV engine, FortiADC provides an industry-class malware and APT detection and mitigation solution to our customers.

AV module topology illustrates how FortiADC's AV module works:

  1. Automatically updates the latest attack signatures from FortiGuard to ensure real-time protection.
  2. Submits all files, including suspicious files, to an on-premise appliance (FortiSandbox) or cloud-based service (FortiCloud Sandbox) for further analysis after performing the basic AV processing of its own.
  3. Malicious files will be dropped or quarantined, and healthy ones will be forwarded to the backend servers.

AV module topology

To use the AV module, you must

Important Notes

  • The AV feature does not support HA.
  • If FortiADC is in HA mode, you must use the default source-ip for FortiSandbox.
  • Try to limit the number of VDOMs when the AV feature is enabled. Otherwise, the capacity of quarantine may become limited.
  • All file types are supported by AV feature.