Table of Contents
Advertisement
Firewall configuration
Default content profiles
Adding a content profile
FortiGate-50R Installation and Configuration Guide
The FortiGate unit has the following four default content profiles under Firewall >
Content Profile. You can use these existing content profiles or create your own:
Strict
To apply maximum content protection to HTTP, FTP, IMAP, POP3, and
SMTP content traffic. You would not use the strict content profile under
normal circumstances, but it is available if you are having extreme problems
with viruses and require maximum content screening protection.
Scan
Use the scan content profile to apply antivirus scanning to HTTP, FTP, IMAP,
POP3, and SMTP content traffic.
Web
Apply antivirus scanning and Web content blocking to HTTP content traffic.
You can add this content profile to firewall policies that control HTTP traffic.
Unfiltered
Use the unfiltered content profile if you do not want to apply any content
protection to content traffic. You can add this content profile to firewall
policies for connections between highly trusted or highly secure networks
where content does not need to be protected.
If the default content profiles do not provide the protection that you require, you can
create new content profiles customized to your requirements.
1
Go to Firewall > Content Profile.
2
Select New.
3
Type a Profile Name.
4
Enable antivirus protection options.
Anti Virus Scan
File Block
Note: If both virus Scan and File Block are enabled, the FortiGate unit blocks files that match
enabled file patterns before they are scanned for viruses.
5
Enable Web filtering options.
Web URL Block
Web Content Block
Web Script Filter
Web Exempt List
6
Enable Email filter protection options.
Email Block List
Email Exempt List
Scan web, FTP, and email traffic for viruses and worms. See
scanning" on page
204.
Delete files with blocked file patterns even if they do not contain
viruses. You should only enable file blocking when a virus has been
found that is so new that virus scanning does not detect it. See
blocking" on page
205.
Block unwanted web pages and web sites. This option adds Fortinet
URL blocking (see
"URL blocking" on page
filtering (see
"Using the Cerberian web filter" on page
traffic accepted by a policy.
Block web pages that contain unwanted words or phrases. See
"Content blocking" on page
Remove scripts from web pages. See
Exempt URLs from web filtering and virus scanning. See
URL list" on page
215.
Add a subject tag to email from unwanted addresses. See
block list" on page
219.
Exempt sender address patterns from email filtering. See
exempt list" on page
219.
209) and Cerberian URL
208.
"Script filtering" on page
Content profiles
"Antivirus
"File
212) to HTTP
214.
"Exempt
"Email
"Email
141
Advertisement
Table of Contents
