system antivirus
Use this command to configure system-wide FortiGuard Antivirus scan settings.
To use this command, your administrator account’s access control profile must have either w
or rw
permission to the sysgrp
area. For details, see Permissions.
Syntax
set default-db {basic | extended}
set scan-bzip2 {enable | disable}
set uncomp-size-limit <limit_int>
set uncomp-nest-limit <limit_int>
set use-fsa {enable | disable}
end
Variable | Description | Default |
Select which of the antivirus signature databases to use when scanning HTTP
|
basic
|
|
Enable to scan archives that are compressed using the BZIP2 algorithm. Tip: Scanning BZIP2 archives can be very CPU-intensive. To improve performance, block the BZIP2 file type, then disable this option. |
enable
|
|
Type the maximum size in kilobytes (KB) of the memory buffer that FortiWeb will use to temporarily undo the compression that a client or web server has applied to traffic, in order to inspect and/or modify it. For details, see waf file-uncompress-rule. Caution: Unless you configure otherwise, compressed requests that are too large for this buffer will pass through FortiWeb without scanning or rewriting. This could allow malware to reach your web servers, and cause HTTP body rewriting to fail. If you prefer to block requests greater than this buffer size, configure waf http-protocol-parameter-restriction. To be sure that it will not disrupt normal traffic, first configure The maximum acceptable values are: 102400 KB: FortiWeb 100D, 400C, 400D, 600D, 1000C, 3000CFsx, 3000DFsx, 4000C 204800 KB: FortiWeb 1000D, 2000D, 3000D, 4000D, 1000E, 2000E, 3010E 358400 KB: FortiWeb 3000E, 4000E |
5000 | |
Type the maximum number of allowed levels of compression (“nesting”) that FortiWeb will attempt to decompress. | 12
|
|
Enable to use the Signature Database from FortiSandbox to supplement the AV Signature Database. If enabled, FortiWeb will download the malware package from FortiSandbox's Signature Database every minute. | disable
|