Fortinet black logo

CLI Reference

antivirus settings

antivirus settings

Configure basic antivirus settings, such as selecting the default antivirus database and enabling or disabling grayware detection as part of antivirus scanning.

History

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.

Command Description

set override-timeout <seconds>

Override the large file scan timeout value in seconds. Set the range between 30 - 3600 or (30 seconds to one hour). The default value is 0, disabling the command. When disabled, the daemon adjusts the large file scan timeout based on the file size.

config antivirus settings
    set default-db {normal | extended | extreme}   Select the AV database to be used for AV scanning.
            normal    Use the normal AntiVirus database.
            extended  Use the extended AntiVirus database.
            extreme   Use all available AntiVirus databases
    set grayware {enable | disable}   Enable/disable grayware detection when an AntiVirus profile is applied to traffic.
    set override-timeout {integer}   Override the large file scan timeout value in seconds (30 - 3600). Zero is the default value and is used to disable this command. When disabled, the daemon adjusts the large file scan timeout based on the file size. range[30-3600]
end

Additional information

The following section is for those options that require additional explanation.

default-db {normal | extended | extreme}

Select the database to be used for antivirus scanning. Both proxy and flow inspection modes use these databases.

  • normal: Use the normal virus database, which includes viruses that are "in the wild," including the commonly seen viruses. For regular antivirus protection, it is sufficient to use this database (set by default).
  • extended: Use the extended virus database, which includes both "in the wild" viruses and a large collection of "in the zoo" viruses. It is suitable for an enhanced security environment.
  • extreme: Use the extreme virus database, which includes both "in the wild" viruses and all available "in the zoo" viruses. It is suitable for an enhanced security environment.

grayware {enable | disable}

Enable (by default) or disable the detection of grayware, including adware, dial, downloader, hacker tool, keylogger, RAT, and spyware.

antivirus settings

Configure basic antivirus settings, such as selecting the default antivirus database and enabling or disabling grayware detection as part of antivirus scanning.

History

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.

Command Description

set override-timeout <seconds>

Override the large file scan timeout value in seconds. Set the range between 30 - 3600 or (30 seconds to one hour). The default value is 0, disabling the command. When disabled, the daemon adjusts the large file scan timeout based on the file size.

config antivirus settings
    set default-db {normal | extended | extreme}   Select the AV database to be used for AV scanning.
            normal    Use the normal AntiVirus database.
            extended  Use the extended AntiVirus database.
            extreme   Use all available AntiVirus databases
    set grayware {enable | disable}   Enable/disable grayware detection when an AntiVirus profile is applied to traffic.
    set override-timeout {integer}   Override the large file scan timeout value in seconds (30 - 3600). Zero is the default value and is used to disable this command. When disabled, the daemon adjusts the large file scan timeout based on the file size. range[30-3600]
end

Additional information

The following section is for those options that require additional explanation.

default-db {normal | extended | extreme}

Select the database to be used for antivirus scanning. Both proxy and flow inspection modes use these databases.

  • normal: Use the normal virus database, which includes viruses that are "in the wild," including the commonly seen viruses. For regular antivirus protection, it is sufficient to use this database (set by default).
  • extended: Use the extended virus database, which includes both "in the wild" viruses and a large collection of "in the zoo" viruses. It is suitable for an enhanced security environment.
  • extreme: Use the extreme virus database, which includes both "in the wild" viruses and all available "in the zoo" viruses. It is suitable for an enhanced security environment.

grayware {enable | disable}

Enable (by default) or disable the detection of grayware, including adware, dial, downloader, hacker tool, keylogger, RAT, and spyware.