Article Id 198423
Description: Blocking Storm Worm from getting updates.
Components: All FortiGate units.
Steps or Commands

The Storm Worm has been spreading wildly since the beginning of 2007 and has turned many computers into spam-spreading and DDoS zombies.

The worm mutates very quickly, every 30 minutes. FortiGuard is catching the worm as it mutates; however, with mutations happening so quickly, it is hard for the AV signatures to catch up.

The worm uses the P2P eDonkey protocol to communicate with its Command and Control servers and get the updates that let it mutate. Therefore, if any of the PCs in your network is affected by this worm, you can use a FortiGate protection profile and firewall policy to block the eDonkey application. Blocking eDonkey cuts off the updates, which allows the AV signatures to catch up and eliminate the worm.

To block eDonkey

  1. Go to Firewall > Protection Profile.
  2. Edit a protection profile or add a new protection profile.
  3. Select the blue arrow for IM/P2P.
  4. Select Block for eDonkey.
  5. Save the protection profile.
  6. Go to Firewall > Policy.
  7. Make sure the eDonkey-blocking protection profile is added to firewall policies that allow Internet access through your FortiGate unit.
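
To verify step 7 across many policies, the following added example (not part of the original article and not Fortinet code) audits a configuration backup and lists the accept policies toward the Internet that have no eDonkey-blocking protection profile. The sample backup is constructed, and the key names `edonkey`, `profile`, `dstintf` and `action`, the profile names and the `wan1` interface are assumptions to check against your own unit's export.

```python
import shlex
# Constructed sample backup. Key names are assumptions; check your own export.
SAMPLE = """
config firewall profile
    edit "storm-block"
        set edonkey block
    next
    edit "web-only"
        set edonkey pass
    next
end
config firewall policy
    edit 1
        set dstintf "wan1"
        set action accept
        set profile "storm-block"
    next
    edit 2
        set dstintf "wan1"
        set action accept
        set profile "web-only"
    next
    edit 3
        set dstintf "wan1"
        set action accept
    next
end
"""

def parse(text):
    """Return {section: {entry: {key: value}}} for flat config/edit/set blocks."""
    tables, section, entry = {}, None, None
    for line in text.splitlines():
        words = shlex.split(line)
        if words[:1] == ["config"]:
            section, entry = " ".join(words[1:]), None
        elif words[:1] == ["edit"] and section:
            entry = tables.setdefault(section, {}).setdefault(words[1], {})
        elif words[:1] == ["set"] and entry is not None:
            entry[words[1]] = " ".join(words[2:])
    return tables

def unprotected_policies(text, internet_ifaces=("wan1",)):
    """IDs of accept policies toward the Internet with no eDonkey-blocking profile."""
    t = parse(text)
    blocking = {n for n, p in t.get("firewall profile", {}).items() if p.get("edonkey") == "block"}
    return [pid for pid, p in t.get("firewall policy", {}).items()
            if p.get("action") == "accept" and p.get("dstintf") in internet_ifaces
            and p.get("profile") not in blocking]
```

On the sample, policy 2 is reported because its profile passes eDonkey, and policy 3 because it has no protection profile at all.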