Adding A Protection Profile To A Firewall Policy; Default Protection Profiles - Fortinet FortiGate Series Administration Manual


Adding a protection profile to a firewall policy

Default protection profiles

application control
logging for traffic which violates the protection profile.
Protection profiles are used when specified in one or more firewall policies whose Action
is set to ACCEPT, IPSEC, or SSL VPN.
For example, if you create a protection profile containing SMTP antivirus settings that you
want to apply to all incoming SMTP connections, you might select that protection profile in
all external-to-internal firewall policies whose service group contains the SMTP service.
Protection profiles can contain settings relevant to many different services. Each firewall
policy uses the subset of the protection profile settings which apply to its specified
Service. In this way, you might define one protection profile that can be used by many
firewall policies, each policy using a different or overlapping subset of the protection
profile.
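The following Python example is an added illustration, not part of the Fortinet guide and not FortiOS code or syntax. It models how a policy uses only the profile settings that match its services, using the default profiles this page describes, and reports policies where a selected profile leaves a service uninspected. The per-protocol setting names, the policy record layout and the sample policies are constructed assumptions.

```python
# Added illustration: a simplified model, not FortiOS code or syntax.
# Protocol coverage of the four default profiles, as described on this page.
CONTENT_PROTOCOLS = {"HTTP", "FTP", "IMAP", "POP3", "SMTP"}
PROFILES = {
    "strict": {p: {"maximum protection"} for p in CONTENT_PROTOCOLS},
    "scan": {p: {"antivirus", "quarantine"} for p in CONTENT_PROTOCOLS},
    "web": {"HTTP": {"antivirus", "web filtering"}},
    "unfiltered": {},
}
PROFILE_ACTIONS = {"ACCEPT", "IPSEC", "SSL VPN"}  # actions that use a profile


def effective_settings(policy):
    """Return {service: settings} the policy actually uses from its profile."""
    if policy["action"] not in PROFILE_ACTIONS or not policy.get("profile"):
        return {}
    profile = PROFILES[policy["profile"]]
    return {s: profile[s] for s in policy["services"] if s in profile}


def audit(policies):
    """Return (policy id, finding) pairs for policies with inspection gaps."""
    findings = []
    for pol in policies:
        if pol["action"] not in PROFILE_ACTIONS:
            continue  # e.g. DENY: protection profiles are not used
        if not pol.get("profile"):
            findings.append((pol["id"], "no protection profile selected"))
            continue
        covered = effective_settings(pol)
        missing = sorted(set(pol["services"]) - set(covered))
        if missing:
            findings.append((pol["id"], "profile '%s' has no settings for %s"
                             % (pol["profile"], ", ".join(missing))))
    return findings


# Constructed sample policies (hypothetical ids and service lists).
SAMPLE_POLICIES = [
    {"id": 1, "action": "ACCEPT", "services": ["SMTP"], "profile": "scan"},
    {"id": 2, "action": "ACCEPT", "services": ["HTTP", "SMTP"], "profile": "web"},
    {"id": 3, "action": "ACCEPT", "services": ["SMTP"], "profile": None},
    {"id": 4, "action": "DENY", "services": ["FTP"], "profile": None},
    {"id": 5, "action": "ACCEPT", "services": ["HTTP"], "profile": "unfiltered"},
]

if __name__ == "__main__":
    for policy_id, finding in audit(SAMPLE_POLICIES):
        print("policy %d: %s" % (policy_id, finding))
```

Policy 2 is the case to watch for: a profile is selected, yet its SMTP traffic is not inspected because the Web profile only carries HTTP settings.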
To add a protection profile to a firewall policy
1 Go to Firewall > Policy.
If virtual domains are enabled on the FortiGate unit, protection profiles are applied
separately in firewall policies for each virtual domain (VDOM). To access firewall
policies, first select a virtual domain from the main menu.
2 Select Create New to add a policy, or select Edit for the policy to which you want to
apply the protection profile.
3 Enable Protection Profile in the firewall policy.
4 Select the protection profile that you want to apply to the firewall policy.
The firewall policy will use settings from the protection profile that apply to its Services.
5 If you are creating a new firewall policy, configure other required policy options. For
more information, see "Configuring firewall policies" on page 391.
6 Select OK.
FortiGate units have four default protection profiles. You can use these default protection
profiles as bases for creating your own.
Strict
Apply maximum protection to HTTP, FTP, IMAP, POP3, and SMTP traffic. The
strict protection profile may not be useful under normal circumstances, but it is
available when maximum protection is required.
Scan
Apply virus scanning to HTTP, FTP, IMAP, POP3, and SMTP traffic. Quarantine is
also selected for all content services. On FortiGate models with a hard drive, if
antivirus scanning finds a virus in a file, the file is quarantined on the FortiGate
hard disk. If a FortiAnalyzer unit is configured, files are quarantined remotely.
Quarantine permits system administrators to inspect, recover, or submit
quarantined files to Fortinet for analysis.
Web
Apply virus scanning and web content filtering to HTTP traffic. Add this protection
profile to firewall policies that control HTTP traffic.
Unfiltered
Apply no scanning, blocking or IPS. Use the unfiltered content profile if no content
protection for content traffic is required. Add this protection profile to firewall
policies for connections between highly trusted or highly secure networks where
content does not need to be protected.
FortiGate Version 4.0 MR1 Administration Guide
Firewall Protection Profile
01-410-89802-20090903
http://docs.fortinet.com/