fmgr_secprof_av – Manage security profile

New in version 2.8.

Synopsis

  • Manage security profile groups for FortiManager objects

Parameters

Parameter Choices/Defaults Comments
adom
-
Default:
"root"
The ADOM the configuration should belong to.
analytics_bl_filetype
-
Only submit files matching this DLP file-pattern to FortiSandbox.
analytics_db
-
    Choices:
  • disable
  • enable
Enable/disable using the FortiSandbox signature database to supplement the AV signature databases.
analytics_max_upload
-
Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes, default = 10).
analytics_wl_filetype
-
Do not submit files matching this DLP file-pattern to FortiSandbox.
av_block_log
-
    Choices:
  • disable
  • enable
Enable/disable logging for AntiVirus file blocking.
av_virus_log
-
    Choices:
  • disable
  • enable
Enable/disable AntiVirus logging.
comment
-
Comment.
content_disarm
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
content_disarm_cover_page
-
    Choices:
  • disable
  • enable
Enable/disable inserting a cover page into the disarmed document.
content_disarm_detect_only
-
    Choices:
  • disable
  • enable
Enable/disable only detect disarmable files, do not alter content.
content_disarm_office_embed
-
    Choices:
  • disable
  • enable
Enable/disable stripping of embedded objects in Microsoft Office documents.
content_disarm_office_hylink
-
    Choices:
  • disable
  • enable
Enable/disable stripping of hyperlinks in Microsoft Office documents.
content_disarm_office_linked
-
    Choices:
  • disable
  • enable
Enable/disable stripping of linked objects in Microsoft Office documents.
content_disarm_office_macro
-
    Choices:
  • disable
  • enable
Enable/disable stripping of macros in Microsoft Office documents.
content_disarm_original_file_destination
-
    Choices:
  • fortisandbox
  • quarantine
  • discard
Destination to send original file if active content is removed.
content_disarm_pdf_act_form
-
    Choices:
  • disable
  • enable
Enable/disable stripping of actions that submit data to other targets in PDF documents.
content_disarm_pdf_act_gotor
-
    Choices:
  • disable
  • enable
Enable/disable stripping of links to other PDFs in PDF documents.
content_disarm_pdf_act_java
-
    Choices:
  • disable
  • enable
Enable/disable stripping of actions that execute JavaScript code in PDF documents.
content_disarm_pdf_act_launch
-
    Choices:
  • disable
  • enable
Enable/disable stripping of links to external applications in PDF documents.
content_disarm_pdf_act_movie
-
    Choices:
  • disable
  • enable
Enable/disable stripping of embedded movies in PDF documents.
content_disarm_pdf_act_sound
-
    Choices:
  • disable
  • enable
Enable/disable stripping of embedded sound files in PDF documents.
content_disarm_pdf_embedfile
-
    Choices:
  • disable
  • enable
Enable/disable stripping of embedded files in PDF documents.
content_disarm_pdf_hyperlink
-
    Choices:
  • disable
  • enable
Enable/disable stripping of hyperlinks from PDF documents.
content_disarm_pdf_javacode
-
    Choices:
  • disable
  • enable
Enable/disable stripping of JavaScript code in PDF documents.
extended_log
-
    Choices:
  • disable
  • enable
Enable/disable extended logging for antivirus.
ftgd_analytics
-
    Choices:
  • disable
  • suspicious
  • everything
Settings to control which files are uploaded to FortiSandbox.
ftp
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
ftp_archive_block
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to block.
FLAG Based Options. Specify multiple in list form.
ftp_archive_log
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to log.
FLAG Based Options. Specify multiple in list form.
ftp_emulator
-
    Choices:
  • disable
  • enable
Enable/disable the virus emulator.
ftp_options
-
    Choices:
  • scan
  • quarantine
  • avmonitor
Enable/disable FTP AntiVirus scanning, monitoring, and quarantine.
FLAG Based Options. Specify multiple in list form.
ftp_outbreak_prevention
-
    Choices:
  • disabled
  • files
  • full-archive
Enable FortiGuard Virus Outbreak Prevention service.
http
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
http_archive_block
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to block.
FLAG Based Options. Specify multiple in list form.
http_archive_log
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to log.
FLAG Based Options. Specify multiple in list form.
http_content_disarm
-
    Choices:
  • disable
  • enable
Enable Content Disarm and Reconstruction for this protocol.
http_emulator
-
    Choices:
  • disable
  • enable
Enable/disable the virus emulator.
http_options
-
    Choices:
  • scan
  • quarantine
  • avmonitor
Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine.
FLAG Based Options. Specify multiple in list form.
http_outbreak_prevention
-
    Choices:
  • disabled
  • files
  • full-archive
Enable FortiGuard Virus Outbreak Prevention service.
imap
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
imap_archive_block
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to block.
FLAG Based Options. Specify multiple in list form.
imap_archive_log
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to log.
FLAG Based Options. Specify multiple in list form.
imap_content_disarm
-
    Choices:
  • disable
  • enable
Enable Content Disarm and Reconstruction for this protocol.
imap_emulator
-
    Choices:
  • disable
  • enable
Enable/disable the virus emulator.
imap_executables
-
    Choices:
  • default
  • virus
Treat Windows executable files as viruses for the purpose of blocking or monitoring.
imap_options
-
    Choices:
  • scan
  • quarantine
  • avmonitor
Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine.
FLAG Based Options. Specify multiple in list form.
imap_outbreak_prevention
-
    Choices:
  • disabled
  • files
  • full-archive
Enable FortiGuard Virus Outbreak Prevention service.
inspection_mode
-
    Choices:
  • proxy
  • flow-based
Inspection mode.
mapi
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
mapi_archive_block
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to block.
FLAG Based Options. Specify multiple in list form.
mapi_archive_log
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to log.
FLAG Based Options. Specify multiple in list form.
mapi_emulator
-
    Choices:
  • disable
  • enable
Enable/disable the virus emulator.
mapi_executables
-
    Choices:
  • default
  • virus
Treat Windows executable files as viruses for the purpose of blocking or monitoring.
mapi_options
-
    Choices:
  • scan
  • quarantine
  • avmonitor
Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine.
FLAG Based Options. Specify multiple in list form.
mapi_outbreak_prevention
-
    Choices:
  • disabled
  • files
  • full-archive
Enable FortiGuard Virus Outbreak Prevention service.
mobile_malware_db
-
    Choices:
  • disable
  • enable
Enable/disable using the mobile malware signature database.
mode
-
    Choices:
  • add ←
  • set
  • delete
  • update
Sets one of three modes for managing the object.
Allows use of soft-adds instead of overwriting existing values
nac_quar
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
nac_quar_expiry
-
Duration of quarantine.
nac_quar_infected
-
    Choices:
  • none
  • quar-src-ip
Enable/Disable quarantining infected hosts to the banned user list.
nac_quar_log
-
    Choices:
  • disable
  • enable
Enable/disable AntiVirus quarantine logging.
name
-
Profile name.
nntp
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
nntp_archive_block
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to block.
FLAG Based Options. Specify multiple in list form.
nntp_archive_log
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to log.
FLAG Based Options. Specify multiple in list form.
nntp_emulator
-
    Choices:
  • disable
  • enable
Enable/disable the virus emulator.
nntp_options
-
    Choices:
  • scan
  • quarantine
  • avmonitor
Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine.
FLAG Based Options. Specify multiple in list form.
nntp_outbreak_prevention
-
    Choices:
  • disabled
  • files
  • full-archive
Enable FortiGuard Virus Outbreak Prevention service.
pop3
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
pop3_archive_block
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to block.
FLAG Based Options. Specify multiple in list form.
pop3_archive_log
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to log.
FLAG Based Options. Specify multiple in list form.
pop3_content_disarm
-
    Choices:
  • disable
  • enable
Enable Content Disarm and Reconstruction for this protocol.
pop3_emulator
-
    Choices:
  • disable
  • enable
Enable/disable the virus emulator.
pop3_executables
-
    Choices:
  • default
  • virus
Treat Windows executable files as viruses for the purpose of blocking or monitoring.
pop3_options
-
    Choices:
  • scan
  • quarantine
  • avmonitor
Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine.
FLAG Based Options. Specify multiple in list form.
pop3_outbreak_prevention
-
    Choices:
  • disabled
  • files
  • full-archive
Enable FortiGuard Virus Outbreak Prevention service.
replacemsg_group
-
Replacement message group customized for this profile.
scan_mode
-
    Choices:
  • quick
  • full
Choose between full scan mode and quick scan mode.
smb
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
smb_archive_block
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to block.
FLAG Based Options. Specify multiple in list form.
smb_archive_log
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to log.
FLAG Based Options. Specify multiple in list form.
smb_emulator
-
    Choices:
  • disable
  • enable
Enable/disable the virus emulator.
smb_options
-
    Choices:
  • scan
  • quarantine
  • avmonitor
Enable/disable SMB AntiVirus scanning, monitoring, and quarantine.
FLAG Based Options. Specify multiple in list form.
smb_outbreak_prevention
-
    Choices:
  • disabled
  • files
  • full-archive
Enable FortiGuard Virus Outbreak Prevention service.
smtp
-
EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!
List of multiple child objects to be added. Expects a list of dictionaries.
Dictionaries must use FortiManager API parameters, not the ansible ones listed below.
If submitted, all other prefixed sub-parameters ARE IGNORED.
This object is MUTUALLY EXCLUSIVE with its options.
We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.
WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS
smtp_archive_block
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to block.
FLAG Based Options. Specify multiple in list form.
smtp_archive_log
-
    Choices:
  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout
Select the archive types to log.
FLAG Based Options. Specify multiple in list form.
smtp_content_disarm
-
    Choices:
  • disable
  • enable
Enable Content Disarm and Reconstruction for this protocol.
smtp_emulator
-
    Choices:
  • disable
  • enable
Enable/disable the virus emulator.
smtp_executables
-
    Choices:
  • default
  • virus
Treat Windows executable files as viruses for the purpose of blocking or monitoring.
smtp_options
-
    Choices:
  • scan
  • quarantine
  • avmonitor
Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine.
FLAG Based Options. Specify multiple in list form.
smtp_outbreak_prevention
-
    Choices:
  • disabled
  • files
  • full-archive
Enable FortiGuard Virus Outbreak Prevention service.

Notes

Examples

- name: DELETE Profile
  fmgr_secprof_av:
    name: "Ansible_AV_Profile"
    mode: "delete"

- name: CREATE Profile
  fmgr_secprof_av:
    name: "Ansible_AV_Profile"
    comment: "Created by Ansible Module TEST"
    mode: "set"
    inspection_mode: "proxy"
    ftgd_analytics: "everything"
    av_block_log: "enable"
    av_virus_log: "enable"
    scan_mode: "full"
    mobile_malware_db: "enable"
    ftp_archive_block: "encrypted"
    ftp_outbreak_prevention: "files"
    ftp_archive_log: "timeout"
    ftp_emulator: "disable"
    ftp_options: "scan"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
api_result
string
always
full API response, includes status code and message



Status

Authors

  • Luke Weighall (@lweighall)

  • Andrew Welsh (@Ghilli3)

  • Jim Huber (@p4r4n0y1ng)

Hint

If you notice any issues in this documentation you can edit this document to improve it.