fmgr_secprof_av – Manage security profile

From Get docs
Ansible/docs/2.8/modules/fmgr secprof av module


fmgr_secprof_av – Manage security profile

New in version 2.8.


Synopsis

  • Manage security profile groups for FortiManager objects

Parameters

Parameter Choices/Defaults Comments

adom

-

Default:

"root"

The ADOM the configuration should belong to.

analytics_bl_filetype

-

Only submit files matching this DLP file-pattern to FortiSandbox.

analytics_db

-

  • disable
  • enable

Enable/disable using the FortiSandbox signature database to supplement the AV signature databases.

analytics_max_upload

-

Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes, default = 10).

analytics_wl_filetype

-

Do not submit files matching this DLP file-pattern to FortiSandbox.

av_block_log

-

  • disable
  • enable

Enable/disable logging for AntiVirus file blocking.

av_virus_log

-

  • disable
  • enable

Enable/disable AntiVirus logging.

comment

-

Comment.

content_disarm

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

content_disarm_cover_page

-

  • disable
  • enable

Enable/disable inserting a cover page into the disarmed document.

content_disarm_detect_only

-

  • disable
  • enable

Enable/disable only detect disarmable files, do not alter content.

content_disarm_office_embed

-

  • disable
  • enable

Enable/disable stripping of embedded objects in Microsoft Office documents.

content_disarm_office_hylink

-

  • disable
  • enable

Enable/disable stripping of hyperlinks in Microsoft Office documents.

content_disarm_office_linked

-

  • disable
  • enable

Enable/disable stripping of linked objects in Microsoft Office documents.

content_disarm_office_macro

-

  • disable
  • enable

Enable/disable stripping of macros in Microsoft Office documents.

content_disarm_original_file_destination

-

  • fortisandbox
  • quarantine
  • discard

Destination to send original file if active content is removed.

content_disarm_pdf_act_form

-

  • disable
  • enable

Enable/disable stripping of actions that submit data to other targets in PDF documents.

content_disarm_pdf_act_gotor

-

  • disable
  • enable

Enable/disable stripping of links to other PDFs in PDF documents.

content_disarm_pdf_act_java

-

  • disable
  • enable

Enable/disable stripping of actions that execute JavaScript code in PDF documents.

content_disarm_pdf_act_launch

-

  • disable
  • enable

Enable/disable stripping of links to external applications in PDF documents.

content_disarm_pdf_act_movie

-

  • disable
  • enable

Enable/disable stripping of embedded movies in PDF documents.

content_disarm_pdf_act_sound

-

  • disable
  • enable

Enable/disable stripping of embedded sound files in PDF documents.

content_disarm_pdf_embedfile

-

  • disable
  • enable

Enable/disable stripping of embedded files in PDF documents.

content_disarm_pdf_hyperlink

-

  • disable
  • enable

Enable/disable stripping of hyperlinks from PDF documents.

content_disarm_pdf_javacode

-

  • disable
  • enable

Enable/disable stripping of JavaScript code in PDF documents.

extended_log

-

  • disable
  • enable

Enable/disable extended logging for antivirus.

ftgd_analytics

-

  • disable
  • suspicious
  • everything

Settings to control which files are uploaded to FortiSandbox.

ftp

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

ftp_archive_block

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to block.

FLAG Based Options. Specify multiple in list form.

ftp_archive_log

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to log.

FLAG Based Options. Specify multiple in list form.

ftp_emulator

-

  • disable
  • enable

Enable/disable the virus emulator.

ftp_options

-

  • scan
  • quarantine
  • avmonitor

Enable/disable FTP AntiVirus scanning, monitoring, and quarantine.

FLAG Based Options. Specify multiple in list form.

ftp_outbreak_prevention

-

  • disabled
  • files
  • full-archive

Enable FortiGuard Virus Outbreak Prevention service.

http

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

http_archive_block

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to block.

FLAG Based Options. Specify multiple in list form.

http_archive_log

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to log.

FLAG Based Options. Specify multiple in list form.

http_content_disarm

-

  • disable
  • enable

Enable Content Disarm and Reconstruction for this protocol.

http_emulator

-

  • disable
  • enable

Enable/disable the virus emulator.

http_options

-

  • scan
  • quarantine
  • avmonitor

Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine.

FLAG Based Options. Specify multiple in list form.

http_outbreak_prevention

-

  • disabled
  • files
  • full-archive

Enable FortiGuard Virus Outbreak Prevention service.

imap

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

imap_archive_block

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to block.

FLAG Based Options. Specify multiple in list form.

imap_archive_log

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to log.

FLAG Based Options. Specify multiple in list form.

imap_content_disarm

-

  • disable
  • enable

Enable Content Disarm and Reconstruction for this protocol.

imap_emulator

-

  • disable
  • enable

Enable/disable the virus emulator.

imap_executables

-

  • default
  • virus

Treat Windows executable files as viruses for the purpose of blocking or monitoring.

imap_options

-

  • scan
  • quarantine
  • avmonitor

Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine.

FLAG Based Options. Specify multiple in list form.

imap_outbreak_prevention

-

  • disabled
  • files
  • full-archive

Enable FortiGuard Virus Outbreak Prevention service.

inspection_mode

-

  • proxy
  • flow-based

Inspection mode.

mapi

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

mapi_archive_block

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to block.

FLAG Based Options. Specify multiple in list form.

mapi_archive_log

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to log.

FLAG Based Options. Specify multiple in list form.

mapi_emulator

-

  • disable
  • enable

Enable/disable the virus emulator.

mapi_executables

-

  • default
  • virus

Treat Windows executable files as viruses for the purpose of blocking or monitoring.

mapi_options

-

  • scan
  • quarantine
  • avmonitor

Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine.

FLAG Based Options. Specify multiple in list form.

mapi_outbreak_prevention

-

  • disabled
  • files
  • full-archive

Enable FortiGuard Virus Outbreak Prevention service.

mobile_malware_db

-

  • disable
  • enable

Enable/disable using the mobile malware signature database.

mode

-

  • add

  • set
  • delete
  • update

Sets one of three modes for managing the object.

Allows use of soft-adds instead of overwriting existing values

nac_quar

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

nac_quar_expiry

-

Duration of quarantine.

nac_quar_infected

-

  • none
  • quar-src-ip

Enable/Disable quarantining infected hosts to the banned user list.

nac_quar_log

-

  • disable
  • enable

Enable/disable AntiVirus quarantine logging.

name

-

Profile name.

nntp

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

nntp_archive_block

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to block.

FLAG Based Options. Specify multiple in list form.

nntp_archive_log

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to log.

FLAG Based Options. Specify multiple in list form.

nntp_emulator

-

  • disable
  • enable

Enable/disable the virus emulator.

nntp_options

-

  • scan
  • quarantine
  • avmonitor

Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine.

FLAG Based Options. Specify multiple in list form.

nntp_outbreak_prevention

-

  • disabled
  • files
  • full-archive

Enable FortiGuard Virus Outbreak Prevention service.

pop3

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

pop3_archive_block

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to block.

FLAG Based Options. Specify multiple in list form.

pop3_archive_log

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to log.

FLAG Based Options. Specify multiple in list form.

pop3_content_disarm

-

  • disable
  • enable

Enable Content Disarm and Reconstruction for this protocol.

pop3_emulator

-

  • disable
  • enable

Enable/disable the virus emulator.

pop3_executables

-

  • default
  • virus

Treat Windows executable files as viruses for the purpose of blocking or monitoring.

pop3_options

-

  • scan
  • quarantine
  • avmonitor

Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine.

FLAG Based Options. Specify multiple in list form.

pop3_outbreak_prevention

-

  • disabled
  • files
  • full-archive

Enable FortiGuard Virus Outbreak Prevention service.

replacemsg_group

-

Replacement message group customized for this profile.

scan_mode

-

  • quick
  • full

Choose between full scan mode and quick scan mode.

smb

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

smb_archive_block

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to block.

FLAG Based Options. Specify multiple in list form.

smb_archive_log

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to log.

FLAG Based Options. Specify multiple in list form.

smb_emulator

-

  • disable
  • enable

Enable/disable the virus emulator.

smb_options

-

  • scan
  • quarantine
  • avmonitor

Enable/disable SMB AntiVirus scanning, monitoring, and quarantine.

FLAG Based Options. Specify multiple in list form.

smb_outbreak_prevention

-

  • disabled
  • files
  • full-archive

Enable FortiGuard Virus Outbreak Prevention service.

smtp

-

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameters ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

smtp_archive_block

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to block.

FLAG Based Options. Specify multiple in list form.

smtp_archive_log

-

  • encrypted
  • corrupted
  • multipart
  • nested
  • mailbomb
  • unhandled
  • partiallycorrupted
  • fileslimit
  • timeout

Select the archive types to log.

FLAG Based Options. Specify multiple in list form.

smtp_content_disarm

-

  • disable
  • enable

Enable Content Disarm and Reconstruction for this protocol.

smtp_emulator

-

  • disable
  • enable

Enable/disable the virus emulator.

smtp_executables

-

  • default
  • virus

Treat Windows executable files as viruses for the purpose of blocking or monitoring.

smtp_options

-

  • scan
  • quarantine
  • avmonitor

Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine.

FLAG Based Options. Specify multiple in list form.

smtp_outbreak_prevention

-

  • disabled
  • files
  • full-archive

Enable FortiGuard Virus Outbreak Prevention service.



Notes

Examples

- name: DELETE Profile
  fmgr_secprof_av:
    name: "Ansible_AV_Profile"
    mode: "delete"

- name: CREATE Profile
  fmgr_secprof_av:
    name: "Ansible_AV_Profile"
    comment: "Created by Ansible Module TEST"
    mode: "set"
    inspection_mode: "proxy"
    ftgd_analytics: "everything"
    av_block_log: "enable"
    av_virus_log: "enable"
    scan_mode: "full"
    mobile_malware_db: "enable"
    ftp_archive_block: "encrypted"
    ftp_outbreak_prevention: "files"
    ftp_archive_log: "timeout"
    ftp_emulator: "disable"
    ftp_options: "scan"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description

api_result

string

always

full API response, includes status code and message





Status

Authors

  • Luke Weighall (@lweighall)
  • Andrew Welsh (@Ghilli3)
  • Jim Huber (@p4r4n0y1ng)

Hint

If you notice any issues in this documentation you can edit this document to improve it.


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/fmgr_secprof_av_module.html