CLI Reference

system fortiguard antivirus

Use this command to configure how the FortiMail unit will retrieve the most recent updates to FortiGuard Antivirus engines, antivirus definitions, and antispam definitions (the heuristic antispam rules only). FortiMail can get antivirus updates either directly from a Fortinet Distribution Network (FDN) server or via a web proxy.

Syntax

config system fortiguard antivirus
    set override-server-address <virtual-ip_ipv4>
    set override-server-status {enable | disable}
    set scheduled-update-day <day_int>
    set scheduled-update-frequency {daily | every | weekly}
    set scheduled-update-status {enable | disable}
    set scheduled-update-time <time_str>
    set tunneling-address <host_ipv4>
    set tunneling-password <password_str>
    set tunneling-port <port_int>
    set tunneling-status {enable | disable}
    set tunneling-username <username_str>
    set virus-db {default | extended | extreme}
    set virus-outbreak {disable | enable | enable-with-defer}
    set virus-outbreak-protection-period <minutes_int>
end

Variable: override-server-address <virtual-ip_ipv4>
Description: If override-server-status is enable, enter the IP address of the public or private FortiGuard Distribution Server (FDS) that overrides the default FDS to which the FortiMail unit connects for updates.

Variable: override-server-status {enable | disable}
Description: Enable to override the default FDS to which the FortiMail unit connects for updates.
Default: disable

Variable: scheduled-update-day <day_int>
Description: Enter the day of the week on which the FortiMail unit will request updates. The range is 0-6, where 0 means Sunday and 6 means Saturday.

Variable: scheduled-update-frequency {daily | every | weekly}
Description: Enter the frequency at which the FortiMail unit will request updates. Also configure scheduled-update-day <day_int> and scheduled-update-time <time_str>.
Default: weekly

Variable: scheduled-update-status {enable | disable}
Description: Enable to perform updates according to a schedule.
Default: enable

Variable: scheduled-update-time <time_str>
Description: Enter the time of day at which the FortiMail unit will request updates, in the format hh:mm, where hh is the number of hours and mm is the number of minutes after the hour in 15-minute intervals.
Default: 01:00

Variable: tunneling-address <host_ipv4>
Description: If tunneling-status is enable, enter the IP address of the web proxy.

Variable: tunneling-password <password_str>
Description: If tunneling-status is enable, enter the password of the account on the web proxy.

Variable: tunneling-port <port_int>
Description: If tunneling-status is enable, enter the TCP port number on which the web proxy listens.

Variable: tunneling-status {enable | disable}
Description: Enable to tunnel antivirus update requests and FortiGuard antispam queries through a web proxy.
Default: disable

Variable: tunneling-username <username_str>
Description: If tunneling-status is enable, enter the user name of the FortiMail unit’s account on the web proxy.

Variable: virus-db {default | extended | extreme}
Description: Depending on your model, FortiMail supports three types of antivirus databases:

  • default: The default FortiMail virus database contains the most commonly seen viruses and should be sufficient for regular antivirus protection.
    For the current release, the FortiMail VM00 model supports the default virus database only.
  • extended: Some high-end FortiMail models support an extended virus database, which contains viruses that are no longer active.
    FortiMail VM01/VM02/200F/400F models support both the default and extended virus databases.
  • extreme: Some high-end models also support an extreme virus database, which contains more virus signatures than the default and extended databases.
    For the current release, FortiMail VM04/900F and above models support all three types of virus databases.

Default: default

Variable: virus-outbreak {disable | enable | enable-with-defer}
Description: When a virus outbreak occurs, it takes some time for the FortiGuard Antivirus database to be updated. You can therefore choose to defer the delivery of suspicious email messages, giving time for the update to occur, and then scan the email again.

  • disable: Do not query the FortiGuard antivirus service.
  • enable: Query the FortiGuard antivirus service.
  • enable-with-defer: If the first query returns no results, defer the email for the specified time and then query again.

Default: enable-with-defer

Variable: virus-outbreak-protection-period <minutes_int>
Description: If you set virus-outbreak to enable-with-defer, specify how many minutes to wait before performing the second query.
Default: 20
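
An offline audit of an exported configuration against the settings documented above, as an added example that is not Fortinet code. It assumes the exported text contains the block in the syntax shown under Syntax and that unset variables take the listed defaults; the function names, the policy checks, and the sample addresses are constructed for illustration.

```python
import re

# Defaults copied from the reference entries above (only those the audit uses).
DEFAULTS = {
    "override-server-status": "disable",
    "scheduled-update-status": "enable",
    "virus-outbreak": "enable-with-defer",
}

def parse_block(config_text):
    """Return the explicit 'set' values of the fortiguard antivirus block."""
    settings, inside = {}, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "config system fortiguard antivirus":
            inside = True
        elif inside and line == "end":
            break
        elif inside:
            m = re.match(r"set\s+(\S+)\s+(.+)$", line)
            if m:
                settings[m.group(1)] = m.group(2).strip().strip('"')
    return settings

def audit(config_text, approved_fds=()):
    """Flag settings that weaken update delivery (the policy is an assumption)."""
    cfg = {**DEFAULTS, **parse_block(config_text)}
    findings = []
    if cfg["scheduled-update-status"] == "disable":
        findings.append("scheduled updates are disabled")
    if cfg["virus-outbreak"] == "disable":
        findings.append("FortiGuard virus outbreak queries are disabled")
    if cfg["override-server-status"] == "enable":
        addr = cfg.get("override-server-address")
        if addr not in approved_fds:
            findings.append(f"FDS override points at unapproved server {addr}")
    return findings

# Constructed sample export; the addresses are documentation-range placeholders.
SAMPLE = """\
config system fortiguard antivirus
    set override-server-address 192.0.2.50
    set override-server-status enable
    set scheduled-update-status disable
    set virus-outbreak disable
end
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE, approved_fds={"198.51.100.7"}):
        print("FINDING:", finding)
```

Pass the addresses of the FDS servers your organization actually operates as approved_fds, so that an override pointing anywhere else is reported.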

Related topics

system fortiguard antispam

update
