4.2.5 Enable grayware detection on antivirus

Information

Grayware detection should be enabled.

Usage of grayware is generally not allowed in strict company policies and some graywares can be used for malicious intent. If the file passes the virus scan, it can be checked for grayware. Grayware signatures are kept up to date in the same manner as the antivirus definitions.

Solution

On CLI:

FGT1 # config antivirus settings
FGT1 (settings) # set grayware enable

See Also

https://workbench.cisecurity.org/benchmarks/15284

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3, CSCv7|8.1, CSCv7|8.2

Plugin: FortiGate

Control ID: 4034dd91cf150a5b255d9ee8ee0d1d2486f6aa6132a298de127c04faea258ed7