New in version 2.8.
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| antivirus_profile | Default: null | Configure AntiVirus profiles. |
| ↳ analytics-bl-filetype | | Only submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. |
| ↳ analytics-db | | Enable/disable using the FortiSandbox signature database to supplement the AV signature databases. |
| ↳ analytics-max-upload | | Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes, default = 10). |
| ↳ analytics-wl-filetype | | Do not submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id. |
| ↳ av-block-log | | Enable/disable logging for AntiVirus file blocking. |
| ↳ av-virus-log | | Enable/disable AntiVirus logging. |
| ↳ comment | | Comment. |
| ↳ content-disarm | | AV Content Disarm and Reconstruction settings. |
| ↳ ↳ cover-page | | Enable/disable inserting a cover page into the disarmed document. |
| ↳ ↳ detect-only | | Enable/disable only detect disarmable files, do not alter content. |
| ↳ ↳ office-embed | | Enable/disable stripping of embedded objects in Microsoft Office documents. |
| ↳ ↳ office-hylink | | Enable/disable stripping of hyperlinks in Microsoft Office documents. |
| ↳ ↳ office-linked | | Enable/disable stripping of linked objects in Microsoft Office documents. |
| ↳ ↳ office-macro | | Enable/disable stripping of macros in Microsoft Office documents. |
| ↳ ↳ original-file-destination | | Destination to send original file if active content is removed. |
| ↳ ↳ pdf-act-form | | Enable/disable stripping of actions that submit data to other targets in PDF documents. |
| ↳ ↳ pdf-act-gotor | | Enable/disable stripping of links to other PDFs in PDF documents. |
| ↳ ↳ pdf-act-java | | Enable/disable stripping of actions that execute JavaScript code in PDF documents. |
| ↳ ↳ pdf-act-launch | | Enable/disable stripping of links to external applications in PDF documents. |
| ↳ ↳ pdf-act-movie | | Enable/disable stripping of embedded movies in PDF documents. |
| ↳ ↳ pdf-act-sound | | Enable/disable stripping of embedded sound files in PDF documents. |
| ↳ ↳ pdf-embedfile | | Enable/disable stripping of embedded files in PDF documents. |
| ↳ ↳ pdf-hyperlink | | Enable/disable stripping of hyperlinks from PDF documents. |
| ↳ ↳ pdf-javacode | | Enable/disable stripping of JavaScript code in PDF documents. |
| ↳ extended-log | | Enable/disable extended logging for antivirus. |
| ↳ ftgd-analytics | | Settings to control which files are uploaded to FortiSandbox. |
| ↳ ftp | | Configure FTP AntiVirus options. |
| ↳ ↳ archive-block | | Select the archive types to block. |
| ↳ ↳ archive-log | | Select the archive types to log. |
| ↳ ↳ emulator | | Enable/disable the virus emulator. |
| ↳ ↳ options | | Enable/disable FTP AntiVirus scanning, monitoring, and quarantine. |
| ↳ ↳ outbreak-prevention | | Enable FortiGuard Virus Outbreak Prevention service. |
| ↳ http | | Configure HTTP AntiVirus options. |
| ↳ ↳ archive-block | | Select the archive types to block. |
| ↳ ↳ archive-log | | Select the archive types to log. |
| ↳ ↳ content-disarm | | Enable Content Disarm and Reconstruction for this protocol. |
| ↳ ↳ emulator | | Enable/disable the virus emulator. |
| ↳ ↳ options | | Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine. |
| ↳ ↳ outbreak-prevention | | Enable FortiGuard Virus Outbreak Prevention service. |
| ↳ imap | | Configure IMAP AntiVirus options. |
| ↳ ↳ archive-block | | Select the archive types to block. |
| ↳ ↳ archive-log | | Select the archive types to log. |
| ↳ ↳ content-disarm | | Enable Content Disarm and Reconstruction for this protocol. |
| ↳ ↳ emulator | | Enable/disable the virus emulator. |
| ↳ ↳ executables | | Treat Windows executable files as viruses for the purpose of blocking or monitoring. |
| ↳ ↳ options | | Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine. |
| ↳ ↳ outbreak-prevention | | Enable FortiGuard Virus Outbreak Prevention service. |
| ↳ inspection-mode | | Inspection mode. |
| ↳ mapi | | Configure MAPI AntiVirus options. |
| ↳ ↳ archive-block | | Select the archive types to block. |
| ↳ ↳ archive-log | | Select the archive types to log. |
| ↳ ↳ emulator | | Enable/disable the virus emulator. |
| ↳ ↳ executables | | Treat Windows executable files as viruses for the purpose of blocking or monitoring. |
| ↳ ↳ options | | Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine. |
| ↳ ↳ outbreak-prevention | | Enable FortiGuard Virus Outbreak Prevention service. |
| ↳ mobile-malware-db | | Enable/disable using the mobile malware signature database. |
| ↳ nac-quar | | Configure AntiVirus quarantine settings. |
| ↳ ↳ expiry | | Duration of quarantine. |
| ↳ ↳ infected | | Enable/disable quarantining infected hosts to the banned user list. |
| ↳ ↳ log | | Enable/disable AntiVirus quarantine logging. |
| ↳ name (required) | | Profile name. |
| ↳ nntp | | Configure NNTP AntiVirus options. |
| ↳ ↳ archive-block | | Select the archive types to block. |
| ↳ ↳ archive-log | | Select the archive types to log. |
| ↳ ↳ emulator | | Enable/disable the virus emulator. |
| ↳ ↳ options | | Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine. |
| ↳ ↳ outbreak-prevention | | Enable FortiGuard Virus Outbreak Prevention service. |
| ↳ pop3 | | Configure POP3 AntiVirus options. |
| ↳ ↳ archive-block | | Select the archive types to block. |
| ↳ ↳ archive-log | | Select the archive types to log. |
| ↳ ↳ content-disarm | | Enable Content Disarm and Reconstruction for this protocol. |
| ↳ ↳ emulator | | Enable/disable the virus emulator. |
| ↳ ↳ executables | | Treat Windows executable files as viruses for the purpose of blocking or monitoring. |
| ↳ ↳ options | | Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine. |
| ↳ ↳ outbreak-prevention | | Enable FortiGuard Virus Outbreak Prevention service. |
| ↳ replacemsg-group | | Replacement message group customized for this profile. Source system.replacemsg-group.name. |
| ↳ scan-mode | | Choose between full scan mode and quick scan mode. |
| ↳ smb | | Configure SMB AntiVirus options. |
| ↳ ↳ archive-block | | Select the archive types to block. |
| ↳ ↳ archive-log | | Select the archive types to log. |
| ↳ ↳ emulator | | Enable/disable the virus emulator. |
| ↳ ↳ options | | Enable/disable SMB AntiVirus scanning, monitoring, and quarantine. |
| ↳ ↳ outbreak-prevention | | Enable FortiGuard Virus Outbreak Prevention service. |
| ↳ smtp | | Configure SMTP AntiVirus options. |
| ↳ ↳ archive-block | | Select the archive types to block. |
| ↳ ↳ archive-log | | Select the archive types to log. |
| ↳ ↳ content-disarm | | Enable Content Disarm and Reconstruction for this protocol. |
| ↳ ↳ emulator | | Enable/disable the virus emulator. |
| ↳ ↳ executables | | Treat Windows executable files as viruses for the purpose of blocking or monitoring. |
| ↳ ↳ options | | Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine. |
| ↳ ↳ outbreak-prevention | | Enable FortiGuard Virus Outbreak Prevention service. |
| ↳ state | | Indicates whether to create or remove the object. |
| host (required) | | FortiOS or FortiGate IP address. |
| https (boolean) | | Indicates if the requests towards FortiGate must use HTTPS protocol. |
| password | Default: "" | FortiOS or FortiGate password. |
| username (required) | | FortiOS or FortiGate username. |
| vdom | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. |
```yaml
- hosts: localhost
  vars:
    host: "192.168.122.40"
    username: "admin"
    password: ""
    vdom: "root"
  tasks:
    - name: Configure AntiVirus profiles.
      fortios_antivirus_profile:
        host: "{{ host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        vdom: "{{ vdom }}"
        antivirus_profile:
          state: "present"
          analytics-bl-filetype: "3 (source dlp.filepattern.id)"
          analytics-db: "disable"
          analytics-max-upload: "5"
          analytics-wl-filetype: "6 (source dlp.filepattern.id)"
          av-block-log: "enable"
          av-virus-log: "enable"
          comment: "Comment."
          content-disarm:
            cover-page: "disable"
            detect-only: "disable"
            office-embed: "disable"
            office-hylink: "disable"
            office-linked: "disable"
            office-macro: "disable"
            original-file-destination: "fortisandbox"
            pdf-act-form: "disable"
            pdf-act-gotor: "disable"
            pdf-act-java: "disable"
            pdf-act-launch: "disable"
            pdf-act-movie: "disable"
            pdf-act-sound: "disable"
            pdf-embedfile: "disable"
            pdf-hyperlink: "disable"
            pdf-javacode: "disable"
          extended-log: "enable"
          ftgd-analytics: "disable"
          ftp:
            archive-block: "encrypted"
            archive-log: "encrypted"
            emulator: "enable"
            options: "scan"
            outbreak-prevention: "disabled"
          http:
            archive-block: "encrypted"
            archive-log: "encrypted"
            content-disarm: "disable"
            emulator: "enable"
            options: "scan"
            outbreak-prevention: "disabled"
          imap:
            archive-block: "encrypted"
            archive-log: "encrypted"
            content-disarm: "disable"
            emulator: "enable"
            executables: "default"
            options: "scan"
            outbreak-prevention: "disabled"
          inspection-mode: "proxy"
          mapi:
            archive-block: "encrypted"
            archive-log: "encrypted"
            emulator: "enable"
            executables: "default"
            options: "scan"
            outbreak-prevention: "disabled"
          mobile-malware-db: "disable"
          nac-quar:
            expiry: "<your_own_value>"
            infected: "none"
            log: "enable"
          name: "default_name_63"
          nntp:
            archive-block: "encrypted"
            archive-log: "encrypted"
            emulator: "enable"
            options: "scan"
            outbreak-prevention: "disabled"
          pop3:
            archive-block: "encrypted"
            archive-log: "encrypted"
            content-disarm: "disable"
            emulator: "enable"
            executables: "default"
            options: "scan"
            outbreak-prevention: "disabled"
          replacemsg-group: "<your_own_value> (source system.replacemsg-group.name)"
          scan-mode: "quick"
          smb:
            archive-block: "encrypted"
            archive-log: "encrypted"
            emulator: "enable"
            options: "scan"
            outbreak-prevention: "disabled"
          smtp:
            archive-block: "encrypted"
            archive-log: "encrypted"
            content-disarm: "disable"
            emulator: "enable"
            executables: "default"
            options: "scan"
            outbreak-prevention: "disabled"
```
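
A pre-deployment check for a play like the one above, as an added example that is not part of the module or its documentation: it lints the resolved arguments of a `fortios_antivirus_profile` task for the `https`, `password`, logging, Content Disarm and outbreak-prevention settings from the parameter table. The function name `audit_task`, the baseline it enforces and the sample dict are assumptions of this example.

```python
# Added example, not part of the module: lint the resolved arguments of a
# fortios_antivirus_profile task. The baseline checked here is an assumption
# of this example, not a Fortinet or Ansible recommendation.

PROTOCOLS = ("ftp", "http", "imap", "mapi", "nntp", "pop3", "smb", "smtp")


def audit_task(args):
    """Return a list of findings for one task's argument dict."""
    findings = []
    if args.get("https") is not True:
        findings.append("https: not explicitly true")
    if not args.get("password"):
        findings.append("password: empty")
    profile = args.get("antivirus_profile") or {}
    for key in ("av-virus-log", "av-block-log"):
        if profile.get(key) == "disable":
            findings.append(f"{key}: disable")
    cdr = profile.get("content-disarm") or {}
    if cdr.get("detect-only") == "enable":
        findings.append("content-disarm.detect-only: files are detected, not altered")
    for proto in PROTOCOLS:
        block = profile.get(proto) or {}
        if block.get("outbreak-prevention") == "disabled":
            findings.append(f"{proto}.outbreak-prevention: disabled")
        # Only http, imap, pop3 and smtp list content-disarm on this page.
        if block.get("content-disarm") == "disable":
            findings.append(f"{proto}.content-disarm: disable")
    return findings


# Constructed sample: a subset of the values used in the page's example play.
PAGE_SAMPLE = {
    "host": "192.168.122.40", "username": "admin", "password": "", "vdom": "root",
    "antivirus_profile": {
        "state": "present", "name": "default_name_63",
        "av-block-log": "enable", "av-virus-log": "enable",
        "content-disarm": {"detect-only": "disable", "office-macro": "disable"},
        "http": {"content-disarm": "disable", "outbreak-prevention": "disabled"},
        "smtp": {"content-disarm": "disable", "outbreak-prevention": "disabled"},
        "smb": {"options": "scan", "outbreak-prevention": "disabled"},
    },
}

if __name__ == "__main__":
    for finding in audit_task(PAGE_SAMPLE):
        print(finding)
```

Only explicitly set values are flagged; a key that is absent from the task is left to the device's own setting and is not reported.
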
Common return values are documented here; the following are the fields unique to this module:

| Key | Returned | Description |
|---|---|---|
| build (string) | always | Build number of the FortiGate image. Sample: 1547 |
| http_method (string) | always | Last method used to provision the content into FortiGate. Sample: PUT |
| http_status (string) | always | Last result given by FortiGate on last operation applied. Sample: 200 |
| mkey (string) | success | Master key (id) used in the last call to FortiGate. Sample: id |
| name (string) | always | Name of the table used to fulfill the request. Sample: urlfilter |
| path (string) | always | Path of the table used to fulfill the request. Sample: webfilter |
| revision (string) | always | Internal revision number. Sample: 17.0.2.10658 |
| serial (string) | always | Serial number of the unit. Sample: FGVMEVYYQT3AB5352 |
| status (string) | always | Indication of the operation's result. Sample: success |
| vdom (string) | always | Virtual domain used. Sample: root |
| version (string) | always | Version of the FortiGate. Sample: v5.6.3 |