MMS Notifications
MMS notifications are messages that a unit sends when an MMS profile matches content in an MM1, MM3, MM4 or MM7 session. For example, the MMS profile detects a virus or uses content blocking to block a web page, text message or email. You can send notifications to the sender of the message using same protocol and the addressing headers in the original message. You can also configure MMS notifications to send notification messages to another destination (such as a system administrator) using the MM1, MM3, MM4 or MM7 protocol.
You need to enable one or more Notification Types or you can add an Antivirus Notification List to enable sending notifications,.
You can also use MMS notifications options to configure how often notifications are sent. The unit sends notification messages immediately for the first event, then at a configurable interval if events continue to occur. If the interval does not coincide with the window of time during which notices may be sent, the unit waits to send the notice in the next available window. Subsequent notices contain a count of the number of events that have occurred since the previous notification.
There are separate notifications for each notification type, including virus events. Virus event notifications include the virus name. Up to three viruses are tracked for each user at a time. If a fourth virus is found, one of the existing tracked viruses is removed from the list.
The notifications are MM1 m-send-req messages sent from the unit directly to the MMSC for delivery to the client. The host name of the MMSC, the URL to which m-send-req messages are sent, and the port must be specified.
| MMS Notification | |
| Antivirus Notification List | Optionally select an antivirus notification list to select a list of virus names to send notifications for. The unit sends a notification message whenever a virus name or prefix in the antivirus notification list matches the name of a virus detected in a session scanned by the MMS protection profile. Select Disabled if you do not want to use a notification list.
Instead of selecting a notification list you can configure the Virus Scan Notification Type to send notifications for all viruses. |
| MMS Notification | |
| Message Protocol | In each column, select the protocol used to send notification messages. You can use a different protocol to send the notification message than the protocol on which the violation was sent. The MMS Notifications options change depending on the message protocol that you select.
If you select a different message protocol, you must also enter the User Domain. If selecting MM7 you must also enter the Message Type. |
| Message Type | Select the MM7 message type to use if sending notifications using MM7. Options include deliver.REQ and submit.REQ |
| Detect Server Details | Select to use the information in the headers of the original message to set the address of the notification message. If you do not select this option, you can enter the required addressing information manually.
You cannot select Detect Server Details if you are sending notification messages using a different message protocol. If you select Detect Server Details, you cannot change the Port where the notification is being sent. |
| Hostname | Enter the FQDN or the IP address of the server where the notifications will be sent. |
| URL | Enter the URL of the server. For example if the notificaiton is going to www.example.com/home/alerts , the URL is /home/alerts.
This option is available only when Message Protocol is mm1 or mm7. |
| Port | Enter the port number of the server.
You cannot change the Port if Detect Server Details is enabled. |
| Username | Enter the user name required for sending messages using this server
(optional). This option is available only when Message Protocol is mm7. |
| Password | Enter the password required for sending messages using this server
(optional). This option is available only when Message Protocol is mm7. |
| MMS Notification | |
| VASP ID | Enter the value-added-service-provider (VASP) ID to be used when sending a notification message. If a VAS is not offered by the mobile provider, it is offered by a third party or a VAS provider or content provider (CP).
This option is available only when Message Protocol is mm7. |
| VAS ID | Enter the value-added-service (VAS) ID to be used when sending a notification message. A VAS is generally any service beyond voice calls and fax.
This option is available only when Message Protocol is mm7. |
| All Notification Types | In each column, select notification for all MMS event types for that MMS protocol, then enter the amount of time and select the time unit for notice intervals.
Alternatively, expand All Notification Types, and then select notification for individual MMS event types for each MMS protocol. Then enter the amount of time and select the time unit for notice intervals. Not all event types are available for all MMS protocols. |
| Content Filter | In each column, select to notify when messages are blocked by the content filter, then enter the amount of time and select the time unit for notice intervals. |
| File Block | In each column, select to notify when messages are blocked by file block, then enter the amount of time and select the time unit for notice intervals. |
| Carrier Endpoint Block | In each column, select to notify when messages are blocked, then enter the amount of time and select the time unit for notice intervals. |
| Flood | In each column, select to notify when message flood events occur, then enter the amount of time and select the time unit for notice intervals. |
| Duplicate | In each column, select to notify when duplicate message events occur, then enter the amount of time and select the time unit for notice intervals. |
| MMS Content Checksum | In each column, select to notify when the content within an MMS message is scanned and banned because of the checksum value that was matched. |
| Virus Scan | In each column, select to notify when the content within an MMS message is scanned for viruses. |
| MMS Notification | |
| Notifications Per Second Limit | For each MMS protocol, enter the number of notifications to send per second. If you enter zero(0), the notification rate is not limited. |
| Day of Week | For each MMS protocol, select the days of the week the unit is allowed to send notifications. |
| Window Start Time | For each MMS protocol, select the time of day to begin the message alert window. By default, the message window starts at 00:00. You can change this if you want to start the message window later in the day.
When configured, notification outside this window will not be sent. |
| Window Duration | For each MMS protocol, select the time of day at which to end the message alert window. By default, the message window ends at 00:24. You can change this if you want to end the message window earlier in the day.
When configured, notification outside this window will not be sent |
DLP Archive options
Select DLP archive options to archive MM1, MM3, MM4, and MM7 sessions. In addition to the MMS profile’s DLP archive options, you can:
- Archive MM1 and MM7 message floods l Archive MM1 and MM7 duplicate messages
- Select DLP archiving for carrier endpoint patterns in a Carrier Endpoint List and select the Carrier Endpoint Block option in the MMS Scanning section of an MMS Profile
The unit only allows one sixteenth of its memory for transferring content archive files. For example, for units with 128MB RAM, only 8MB of memory is used when transferring content archive files. Best practices dictate to not enable full content archiving if antivirus scanning is also configured because of these memory constraints.
| DLP Archive | |
| Display DLP metainformation on the system dashboard | Select each required protocol to display the content archive summary in the Log and Archive Statistics dashboard widget on the System Dashboard. |
| DLP Archive | |
| Archive to
FortiAnalyzer/FortiGuard |
Select the type of archiving that you want for the protocol (MM1, MM3, MM4, and MM7). You can choose from Full, Summary or None.
None — Do not send content archives. Summary — Send content archive metadata only. Includes information such as date and time, source and destination, request and response size, and scan result. Full — Send content archive both metadata and copies of files or messages. In some cases, FortiOS Carrier may not archive content, or may make only a partial content archive, regardless of your selected option. This behavior varies by prerequisites for each protocol. This option is available only if a FortiAnalyzer unit or FortiGuard Analysis and Management Service is configured. |
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!