Protection Profile List; Default Protection Profiles - Fortinet FortiGate FortiGate-1000 Administration Manual

Protection profile

Protection profile list

Default protection profiles

224
Figure 104:Sample list showing the default protection profiles
The IP pool list has the following icons and features.
Create New Select Create New to add an IP pool.
Name The start IP defines the start of an address range.
The Delete and Edit/View icons.
Note: A protection profile cannot be deleted (and the Delete icon is not visible) if it is selected in
a firewall policy or included in a user group.
The FortiGate unit comes preconfigured with four protection profiles.
Strict To apply maximum protection to HTTP, FTP, IMAP, POP3, and SMTP traffic.
You may not wish to use the strict protection profile under normal
circumstances but it is available if you have extreme problems with viruses
and require maximum screening.
Scan To apply virus scanning to HTTP, FTP, IMAP, POP3, and SMTP traffic.
Quarantine is also selected for all content services. On FortiGate models
with a hard disk, if antivirus scanning finds a virus in a file, the file is
quarantined on the FortiGate hard disk. If required, system administrators
can recover quarantined files.
Web To apply virus scanning and web content blocking to HTTP traffic. You can
add this protection profile to firewall policies that control HTTP traffic.
Unfiltered To apply no scanning, blocking or IPS. Use the unfiltered content profile if
you do not want to apply content protection to content traffic. You can add
this protection profile to firewall policies for connections between highly
trusted or highly secure networks where content does not need to be
protected.
01-28006-0009-20041105
Firewall
Fortinet Inc.