fortinet.fortios.fortios_antivirus_profile – Configure AntiVirus profiles in Fortinet’s FortiOS and FortiGate.
Note
This plugin is part of the fortinet.fortios collection (version 2.1.3).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install fortinet.fortios
.
To use it in a playbook, specify: fortinet.fortios.fortios_antivirus_profile
.
New in version 2.10: of fortinet.fortios
Synopsis
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify antivirus feature and profile category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
Requirements
The below requirements are needed on the host that executes this module.
ansible>=2.9.0
Parameters
Parameter |
Comments |
---|---|
Token-based authentication. Generated from GUI of Fortigate. |
|
Configure AntiVirus profiles. |
|
Only submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. |
|
Only submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. |
|
Enable/disable using the FortiSandbox signature database to supplement the AV signature databases. Choices:
|
|
Do not submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. |
|
Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes). |
|
Do not submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. |
|
Enable/disable logging for AntiVirus file blocking. Choices:
|
|
Enable/disable AntiVirus logging. Choices:
|
|
Configure CIFS AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable CIFS AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Comment. |
|
AV Content Disarm and Reconstruction settings. |
|
Enable/disable inserting a cover page into the disarmed document. Choices:
|
|
Enable/disable only detect disarmable files, do not alter content. Choices:
|
|
Action to be taken if CDR engine encounters an unrecoverable error. Choices:
|
|
Enable/disable stripping of PowerPoint action events in Microsoft Office documents. Choices:
|
|
Enable/disable stripping of Dynamic Data Exchange events in Microsoft Office documents. Choices:
|
|
Enable/disable stripping of embedded objects in Microsoft Office documents. Choices:
|
|
Enable/disable stripping of hyperlinks in Microsoft Office documents. Choices:
|
|
Enable/disable stripping of linked objects in Microsoft Office documents. Choices:
|
|
Enable/disable stripping of macros in Microsoft Office documents. Choices:
|
|
Destination to send original file if active content is removed. Choices:
|
|
Enable/disable stripping of actions that submit data to other targets in PDF documents. Choices:
|
|
Enable/disable stripping of links to other PDFs in PDF documents. Choices:
|
|
Enable/disable stripping of actions that execute JavaScript code in PDF documents. Choices:
|
|
Enable/disable stripping of links to external applications in PDF documents. Choices:
|
|
Enable/disable stripping of embedded movies in PDF documents. Choices:
|
|
Enable/disable stripping of embedded sound files in PDF documents. Choices:
|
|
Enable/disable stripping of embedded files in PDF documents. Choices:
|
|
Enable/disable stripping of hyperlinks from PDF documents. Choices:
|
|
Enable/disable stripping of JavaScript code in PDF documents. Choices:
|
|
Enable/disable use of EMS threat feed when performing AntiVirus scan. Choices:
|
|
Enable/disable extended logging for antivirus. Choices:
|
|
One or more external malware block lists. |
|
External blocklist. Source system.external-resource.name. |
|
Enable/disable external-blocklist archive scanning. Choices:
|
|
Enable/disable all external blocklists. Choices:
|
|
Flow/proxy feature set. Choices:
|
|
Action to take if FortiAI encounters an error. Choices:
|
|
Settings to control which files are uploaded to FortiSandbox. Choices:
|
|
Configure FTP AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable FTP AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable FortiGuard Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Configure HTTP AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable Content Disarm and Reconstruction for this protocol. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable FortiGuard Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Configure IMAP AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable Content Disarm and Reconstruction for this protocol. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Treat Windows executable files as viruses for the purpose of blocking or monitoring. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable FortiGuard Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Inspection mode. Choices:
|
|
Configure MAPI AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Treat Windows executable files as viruses for the purpose of blocking or monitoring. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable FortiGuard Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Enable/disable using the mobile malware signature database. Choices:
|
|
Configure AntiVirus quarantine settings. |
|
Duration of quarantine. |
|
Enable/Disable quarantining infected hosts to the banned user list. Choices:
|
|
Enable/disable AntiVirus quarantine logging. Choices:
|
|
Profile name. |
|
Configure NNTP AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable FortiGuard Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Configure Virus Outbreak Prevention settings. |
|
Enable/disable external malware blocklist. Choices:
|
|
Enable/disable FortiGuard Virus outbreak prevention service. Choices:
|
|
Enable/disable outbreak-prevention archive scanning. Choices:
|
|
Configure POP3 AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable Content Disarm and Reconstruction for this protocol. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Treat Windows executable files as viruses for the purpose of blocking or monitoring. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable FortiGuard Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Replacement message group customized for this profile. Source system.replacemsg-group.name. |
|
Choose between full scan mode and quick scan mode. Choices:
|
|
Configure SMB AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Enable/disable SMB AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable FortiGuard Virus Outbreak Prevention service. Choices:
|
|
Configure SMTP AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable Content Disarm and Reconstruction for this protocol. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Treat Windows executable files as viruses for the purpose of blocking or monitoring. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable FortiGuard Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Configure SFTP and SCP AntiVirus options. |
|
Select the archive types to block. Choices:
|
|
Select the archive types to log. Choices:
|
|
Enable AntiVirus scan service. Choices:
|
|
Enable/disable the virus emulator. Choices:
|
|
Enable external-blocklist. Choices:
|
|
Enable/disable scanning of files by FortiAI server. Choices:
|
|
Enable/disable SFTP and SCP AntiVirus scanning, monitoring, and quarantine. Choices:
|
|
Enable Virus Outbreak Prevention service. Choices:
|
|
Enable/disable quarantine for infected files. Choices:
|
|
Enable/Disable logging for task. Choices:
|
|
Member attribute path to operate on. Delimited by a slash character if there are more than one attribute. Parameter marked with member_path is legitimate for doing member operation. |
|
Add or delete a member under specified attribute path. When member_state is specified, the state option is ignored. Choices:
|
|
Indicates whether to create or remove the object. Choices:
|
|
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. Default: “root” |
Examples
- collections:
- fortinet.fortios
connection: httpapi
hosts: fortigate01
vars:
ansible_httpapi_port: 443
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
vdom: root
tasks:
- name: fortios_antivirus_profile
fortios_antivirus_profile:
vdom: root
state: present
antivirus_profile:
analytics_bl_filetype: 0
analytics_db: disable
analytics_max_upload: 10
analytics_wl_filetype: 0
av_block_log: enable
av_virus_log: enable
extended_log: disable
feature_set: flow
ftgd_analytics: disable
mobile_malware_db: enable
name: terr-anti-profile
scan_mode: default
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Build number of the fortigate image Returned: always Sample: “1547” |
|
Last method used to provision the content into FortiGate Returned: always Sample: “PUT” |
|
Last result given by FortiGate on last operation applied Returned: always Sample: “200” |
|
Master key (id) used in the last call to FortiGate Returned: success Sample: “id” |
|
Name of the table used to fulfill the request Returned: always Sample: “urlfilter” |
|
Path of the table used to fulfill the request Returned: always Sample: “webfilter” |
|
Internal revision number Returned: always Sample: “17.0.2.10658” |
|
Serial number of the unit Returned: always Sample: “FGVMEVYYQT3AB5352” |
|
Indication of the operation’s result Returned: always Sample: “success” |
|
Virtual domain used Returned: always Sample: “root” |
|
Version of the FortiGate Returned: always Sample: “v5.6.3” |
Authors
Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)