FortiGate
kyozloveyou_FTNT
Article Id 193212

Description

This article describes how to eliminate the 'Check Archive scanning enabled for AV scan' message in the FortiGate compliance check.

When the compliance check is configured under System > Advanced > Compliance, it is normal to see the error message 'Check Archive scanning enabled for AV scan' in the compliance logs.


Solution
The error message appears because the AV profile does not block unexpected archives, such as encrypted or corrupted archives.

The AV profile can be configured to scan and block these archives with the following commands:

config antivirus profile
    edit <AV_profile>
        config http
            set options scan
            set archive-block encrypted corrupted multipart nested mailbomb unhandled
        end
    next
end


Note: This AV profile must be used in a firewall policy. Re-run the compliance test afterwards to confirm the result.
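To find which AV profiles still lack the setting above before re-running the test, the following added example (not Fortinet code, and not the compliance check's own logic) parses a configuration backup and lists, per profile, the archive types from the article's command that the http section does not block. The function name, the sample profile names and the rule that a missing http section blocks nothing are assumptions.

```python
# Archive types blocked by the article's command (values taken from the page).
REQUIRED = {"encrypted", "corrupted", "multipart", "nested", "mailbomb", "unhandled"}

# Constructed sample in FortiOS "show" layout; profile names are made up.
SAMPLE = """\
config antivirus profile
    edit "strict"
        config http
            set options scan
            set archive-block encrypted corrupted multipart nested mailbomb unhandled
        end
    next
    edit "partial"
        config http
            set archive-block encrypted corrupted
        end
    next
    edit "untouched"
    next
end
"""

def audit_av_profiles(config_text, protocols=("http",)):
    """Return {profile: {protocol: [archive types not blocked]}}.
    Assumption: a protocol section absent from the backup blocks nothing.
    """
    findings, stack, profile, seen = {}, [], None, {}
    for raw in config_text.splitlines():
        words = raw.split()
        if not words:
            continue
        if words[0] == "config":
            stack.append(" ".join(words[1:]))          # entering a section
        elif words[0] == "edit" and stack == ["antivirus profile"]:
            profile, seen = " ".join(words[1:]).strip('"'), {}
        elif words[:2] == ["set", "archive-block"] and profile and len(stack) == 2:
            seen[stack[1]] = set(words[2:])            # e.g. seen["http"]
        elif words[0] in ("next", "end"):
            if words[0] == "end" and stack:
                stack.pop()
            # A profile closes on "next" at table level or when the table ends.
            closed = (words[0] == "next" and len(stack) == 1) or not stack
            if profile and closed:
                gaps = {p: sorted(REQUIRED - seen.get(p, set())) for p in protocols}
                gaps = {p: g for p, g in gaps.items() if g}
                if gaps:
                    findings[profile] = gaps
                profile = None
    return findings
```

Calling `audit_av_profiles(SAMPLE)` reports the "partial" and "untouched" profiles; an empty result means every profile blocks all six archive types for http.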

 
