fortigate防火墙配置资料课件.pptVIP

* * * On most FortiGate models, the maximum oversize threshold is 10% of total RAM. The remaining RAM is reserved for system use. FortiGate units automatically calculate the maximum oversize threshold for virus scanning. To display the maximum oversize threshold from the FortiOS v3.0 web-based manager, edit any protection profile and view the Antivirus settings. You can also display the maximum oversize threshold from the FortiOS v3.0 CLI when configuring http, ftp, imap, pop3, smtp, im, or nntp settings in a protection profile. To display the maximum oversize threshold from the FortiOS v2.80 web-based manager go to Antivirus Config Config. You can also display the maximum oversize threshold from the FortiOS v3.0 CLI using the command config antivirus service service set memfilesizelimit ?. The maximum oversize threshold approximately represents the 10% of RAM reserved for virus scanning plus 40% of the additional memory available. For high-end models FGT-3600 and FGT-5000 series, the threshold can be up to 20% of total RAM. (e.g. 2GB RAM, max oversize threshold 547 MB) * To control the number of compression levels that FortiOS will open before virus scanning the resulting uncompressed file: config antivirus service service????set uncompnestlimit depth_integerend Where: service can be bzip2, cab, gzip, lha, lzh, msc, rar, tar, or zip. depth_integer can be from 2 to 99. The default depth_integer is 12. A file with more compression levels than depth_integer is passed through without being virus scanned. * * * MUA –mail user agent MTA –mail transfer agent See RFC 822 for the “email rules” * * * Pattern matches only count once towards overall message score no matter how many occurrences in the message. Regular Expressions also known as “Perl Compatible Regular Expressions” (PCRE) * * BWL: black-white list Considered weak spam filters because of spoofing. * MIME header filtering must be enabled via the CLI Example: 1. Enable in protection profile. conf fir