Unified Threat Management (UTM) creates additional control layers that examine the contents of the network traffic already permitted by the rules related to addresses, services, and schedules as mentioned previously. The UTM options can be grouped into a profile that we are able to apply to one or more firewall policies. In the following screenshot, we have the UTM menu of a FortiGate unit with the different UTM features shown.
The Antivirus filter examines network traffic for viruses, worms, Trojans, and malware. The antivirus scan engine has a database of virus signatures that it uses to identify security risks. Depending on the FortiGate unit we are able to select between a regular virus database, an extended version containing "viruses that are no longer seen in recent virus studies," and an extreme version that is able to filter viruses that have been dormant for a long period and that rely on older hardware and software. There is also an option to check for Grayware...