Fortinet published a SysAdmin Handbook article called "Adding denied sessions to session table" http://docs.fortinet.com/d/fortigate-adding-denied-sessions-to-session-table. In that article there is an error.
They have the process listed as
config system setting
set ses-denied-traffic enable
set block-session-timer 60
end
Where in fact the correct process to implement session blocking is