MMS virus scanning

Leave a reply

Configuring endpoint filter list entries

For each single endpoint or group of endpoints have part of their identifying information in common, you create an entry in the endpoint filter list.

For example a blocked_clients filter list may include entries for single endpoints added as each one needs to be blocked and a group of clients from a country that does not allow certain services.

 

To configure an endpoint filter list entry – web-based manager

1. Select Create New.

2. Enter the following information and select OK.

Name                                                   Name of endpoint filter list. Select this name in an MMS protection profile.

Comments                                          Optional description of the endpoint filter list.

Check/Uncheck All                            Select the check box to enable all endpoint patterns in the MMS filter list.

Clear the check box to disable all entries on the MMS filter list.

You can also select or clear individual check boxes to enable or dis- able individual endpoint patterns.

Pattern                                                The pattern that FortiOS Carrier uses to match with endpoints. The pattern can be a single endpoint or consist of wildcards or Perl regular expressions that will match more than one endpoint. For more on wild- card and regular expressions, see Using wildcards and Perl regular expressions in the UTM guide.

Action                                                 Select the action taken by FortiOS Carrier for messages from a carrier endpoint that matches the endpoint pattern:

None – No action is taken.

Block – MMS messages from the endpoint are not delivered and

FortiOS Carrier records a log message.

Exempt from mass MMS – MMS messages from the endpoint are delivered and are exempt from mass MMS filtering. Mass MMS fil- tering is configured in MMS protection profiles and is also called MMS Bulk Email Filtering and includes MMS message flood protection and MMS duplicate message detection. A valid use of mass MMS would be when a service provider notifies customers of a system-wide event such as a shutdown.

Exempt from all scanning – MMS messages from the endpoint are delivered and are exempt from all MMS protection profile scanning.

Content Archive                                MMS messages from the endpoint are delivered, the message con- tent is DLP archived according to MMS DLP archive settings. Content archiving is also called DLP archiving.

Intercept                                             MMS messages from the endpoint are delivered. Based on the quar- antine configuration, attached files may be removed and quarantined.

Pattern Type                                       The pattern type: Wildcard, Regular Expression, or Single End- point.

Enable                                                 Select to enable this endpoint filter pattern.

Pages: 1 2 3 4 5 6 7
This entry was posted in FortiOS 5.4 Handbook on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.