Parameter |
Choices/Defaults |
Comments |
antivirus_profile
dictionary
|
|
Configure AntiVirus profiles.
|
|
analytics_bl_filetype
integer
|
|
Only submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id.
|
|
analytics_db
string
|
|
Enable/disable using the FortiSandbox signature database to supplement the AV signature databases.
|
|
analytics_max_upload
integer
|
|
Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes).
|
|
analytics_wl_filetype
integer
|
|
Do not submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id.
|
|
av_block_log
string
|
|
Enable/disable logging for AntiVirus file blocking.
|
|
av_virus_log
string
|
|
Enable/disable AntiVirus logging.
|
|
comment
string
|
|
Comment.
|
|
content_disarm
dictionary
|
|
AV Content Disarm and Reconstruction settings.
|
|
|
cover_page
string
|
|
Enable/disable inserting a cover page into the disarmed document.
|
|
|
detect_only
string
|
|
Enable/disable only detect disarmable files, do not alter content.
|
|
|
office_embed
string
|
|
Enable/disable stripping of embedded objects in Microsoft Office documents.
|
|
|
office_hylink
string
|
|
Enable/disable stripping of hyperlinks in Microsoft Office documents.
|
|
|
office_linked
string
|
|
Enable/disable stripping of linked objects in Microsoft Office documents.
|
|
|
office_macro
string
|
|
Enable/disable stripping of macros in Microsoft Office documents.
|
|
|
original_file_destination
string
|
Choices:
- fortisandbox
- quarantine
- discard
|
Destination to send original file if active content is removed.
|
|
|
pdf_act_form
string
|
|
Enable/disable stripping of actions that submit data to other targets in PDF documents.
|
|
|
pdf_act_gotor
string
|
|
Enable/disable stripping of links to other PDFs in PDF documents.
|
|
|
pdf_act_java
string
|
|
Enable/disable stripping of actions that execute JavaScript code in PDF documents.
|
|
|
pdf_act_launch
string
|
|
Enable/disable stripping of links to external applications in PDF documents.
|
|
|
pdf_act_movie
string
|
|
Enable/disable stripping of embedded movies in PDF documents.
|
|
|
pdf_act_sound
string
|
|
Enable/disable stripping of embedded sound files in PDF documents.
|
|
|
pdf_embedfile
string
|
|
Enable/disable stripping of embedded files in PDF documents.
|
|
|
pdf_hyperlink
string
|
|
Enable/disable stripping of hyperlinks from PDF documents.
|
|
|
pdf_javacode
string
|
|
Enable/disable stripping of JavaScript code in PDF documents.
|
|
extended_log
string
|
|
Enable/disable extended logging for antivirus.
|
|
ftgd_analytics
string
|
Choices:
- disable
- suspicious
- everything
|
Settings to control which files are uploaded to FortiSandbox.
|
|
ftp
dictionary
|
|
Configure FTP AntiVirus options.
|
|
|
archive_block
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to block.
|
|
|
archive_log
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to log.
|
|
|
emulator
string
|
|
Enable/disable the virus emulator.
|
|
|
options
string
|
Choices:
- scan
- avmonitor
- quarantine
|
Enable/disable FTP AntiVirus scanning, monitoring, and quarantine.
|
|
|
outbreak_prevention
string
|
Choices:
- disabled
- files
- full-archive
|
Enable FortiGuard Virus Outbreak Prevention service.
|
|
http
dictionary
|
|
Configure HTTP AntiVirus options.
|
|
|
archive_block
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to block.
|
|
|
archive_log
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to log.
|
|
|
content_disarm
string
|
|
Enable Content Disarm and Reconstruction for this protocol.
|
|
|
emulator
string
|
|
Enable/disable the virus emulator.
|
|
|
options
string
|
Choices:
- scan
- avmonitor
- quarantine
|
Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine.
|
|
|
outbreak_prevention
string
|
Choices:
- disabled
- files
- full-archive
|
Enable FortiGuard Virus Outbreak Prevention service.
|
|
imap
dictionary
|
|
Configure IMAP AntiVirus options.
|
|
|
archive_block
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to block.
|
|
|
archive_log
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to log.
|
|
|
content_disarm
string
|
|
Enable Content Disarm and Reconstruction for this protocol.
|
|
|
emulator
string
|
|
Enable/disable the virus emulator.
|
|
|
executables
string
|
|
Treat Windows executable files as viruses for the purpose of blocking or monitoring.
|
|
|
options
string
|
Choices:
- scan
- avmonitor
- quarantine
|
Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine.
|
|
|
outbreak_prevention
string
|
Choices:
- disabled
- files
- full-archive
|
Enable FortiGuard Virus Outbreak Prevention service.
|
|
inspection_mode
string
|
Choices:
- proxy
- flow-based
|
Inspection mode.
|
|
mapi
dictionary
|
|
Configure MAPI AntiVirus options.
|
|
|
archive_block
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to block.
|
|
|
archive_log
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to log.
|
|
|
emulator
string
|
|
Enable/disable the virus emulator.
|
|
|
executables
string
|
|
Treat Windows executable files as viruses for the purpose of blocking or monitoring.
|
|
|
options
string
|
Choices:
- scan
- avmonitor
- quarantine
|
Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine.
|
|
|
outbreak_prevention
string
|
Choices:
- disabled
- files
- full-archive
|
Enable FortiGuard Virus Outbreak Prevention service.
|
|
mobile_malware_db
string
|
|
Enable/disable using the mobile malware signature database.
|
|
nac_quar
dictionary
|
|
Configure AntiVirus quarantine settings.
|
|
|
expiry
string
|
|
Duration of quarantine.
|
|
|
infected
string
|
Choices:
- none
- quar-src-ip
|
Enable/Disable quarantining infected hosts to the banned user list.
|
|
|
log
string
|
|
Enable/disable AntiVirus quarantine logging.
|
|
name
string
/ required
|
|
Profile name.
|
|
nntp
dictionary
|
|
Configure NNTP AntiVirus options.
|
|
|
archive_block
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to block.
|
|
|
archive_log
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to log.
|
|
|
emulator
string
|
|
Enable/disable the virus emulator.
|
|
|
options
string
|
Choices:
- scan
- avmonitor
- quarantine
|
Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine.
|
|
|
outbreak_prevention
string
|
Choices:
- disabled
- files
- full-archive
|
Enable FortiGuard Virus Outbreak Prevention service.
|
|
pop3
dictionary
|
|
Configure POP3 AntiVirus options.
|
|
|
archive_block
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to block.
|
|
|
archive_log
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to log.
|
|
|
content_disarm
string
|
|
Enable Content Disarm and Reconstruction for this protocol.
|
|
|
emulator
string
|
|
Enable/disable the virus emulator.
|
|
|
executables
string
|
|
Treat Windows executable files as viruses for the purpose of blocking or monitoring.
|
|
|
options
string
|
Choices:
- scan
- avmonitor
- quarantine
|
Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine.
|
|
|
outbreak_prevention
string
|
Choices:
- disabled
- files
- full-archive
|
Enable FortiGuard Virus Outbreak Prevention service.
|
|
replacemsg_group
string
|
|
Replacement message group customized for this profile. Source system.replacemsg-group.name.
|
|
scan_mode
string
|
|
Choose between full scan mode and quick scan mode.
|
|
smb
dictionary
|
|
Configure SMB AntiVirus options.
|
|
|
archive_block
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to block.
|
|
|
archive_log
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to log.
|
|
|
emulator
string
|
|
Enable/disable the virus emulator.
|
|
|
options
string
|
Choices:
- scan
- avmonitor
- quarantine
|
Enable/disable SMB AntiVirus scanning, monitoring, and quarantine.
|
|
|
outbreak_prevention
string
|
Choices:
- disabled
- files
- full-archive
|
Enable FortiGuard Virus Outbreak Prevention service.
|
|
smtp
dictionary
|
|
Configure SMTP AntiVirus options.
|
|
|
archive_block
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to block.
|
|
|
archive_log
string
|
Choices:
- encrypted
- corrupted
- partiallycorrupted
- multipart
- nested
- mailbomb
- fileslimit
- timeout
- unhandled
|
Select the archive types to log.
|
|
|
content_disarm
string
|
|
Enable Content Disarm and Reconstruction for this protocol.
|
|
|
emulator
string
|
|
Enable/disable the virus emulator.
|
|
|
executables
string
|
|
Treat Windows executable files as viruses for the purpose of blocking or monitoring.
|
|
|
options
string
|
Choices:
- scan
- avmonitor
- quarantine
|
Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine.
|
|
|
outbreak_prevention
string
|
Choices:
- disabled
- files
- full-archive
|
Enable FortiGuard Virus Outbreak Prevention service.
|
|
state
string
|
|
Deprecated
Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
Indicates whether to create or remove the object.
|
host
string
|
|
FortiOS or FortiGate IP address.
|
https
boolean
|
|
Indicates if the requests towards FortiGate must use HTTPS protocol.
|
password
string
|
Default:
""
|
FortiOS or FortiGate password.
|
ssl_verify
boolean
added in 2.9 |
|
Ensures FortiGate certificate must be verified by a proper CA.
|
state
string
added in 2.9 |
|
Indicates whether to create or remove the object. This attribute was present already in previous version in a deeper level. It has been moved out to this outer level.
|
username
string
|
|
FortiOS or FortiGate username.
|
vdom
string
|
Default:
"root"
|
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
|