Factory Default Protection Profiles - Fortinet FortiGate FortiGate-3000 Installation Manual
Fortinet fortigate fortigate-3000: install guide
Hide thumbs
Also See for FortiGate FortiGate-3000:
- Administration manual (398 pages) ,
- Install manual (66 pages) ,
- Installation manual (3 pages)
Table of Contents
Advertisement
Factory default FortiGate configuration settings
Factory default protection profiles
20
Use protection profiles to apply different protection settings for traffic that is controlled
by firewall policies. You can use protection profiles to:
•
Configure antivirus protection for HTTP, FTP, IMAP, POP3, and SMTP firewall
policies
•
Configure Web filtering for HTTP firewall policies
•
Configure Web category filtering for HTTP firewall policies
•
Configure spam filtering for IMAP, POP3, and SMTP firewall policies
•
Enable the Intrusion Protection System (IPS) for all services
•
Enable content logging for HTTP, FTP, IMAP, POP3, and SMTP firewall policies
Using protection profiles, you can build protection configurations that can be applied
to different types of firewall policies. This allows you to customize types and levels of
protection for different firewall policies.
For example, while traffic between internal and external addresses might need strict
protection, traffic between trusted internal addresses might need moderate protection.
You can configure firewall policies for different traffic services to use the same or
different protection profiles.
Protection profiles can be added to NAT/Route mode and Transparent mode firewall
policies.
The FortiGate unit comes preconfigured with four protection profiles.
Strict
To apply maximum protection to HTTP, FTP, IMAP, POP3, and SMTP
traffic. You may not use the strict protection profile under normal
circumstances but it is available if you have problems with viruses and
require maximum screening.
Scan
To apply antivirus scanning to HTTP, FTP, IMAP, POP3, and SMTP content
traffic. Quarantine is also selected for all content services. On FortiGate
models with a hard drive, if antivirus scanning finds a virus in a file, the file is
quarantined on the FortiGate local disk. If required, system administrators
can recover quarantined files.
Web
To apply antivirus scanning and web content blocking to HTTP content
traffic. You can add this protection profile to firewall policies that control
HTTP traffic.
Unfiltered
To apply no scanning, blocking or IPS. Use if you do not want to apply
content protection to content traffic. You can add this protection profile to
firewall policies for connections between highly trusted or highly secure
networks where content does not need to be protected.
01-28005-0026-20041101
Getting started
Fortinet Inc.
Advertisement
Table of Contents
Need help?
Do you have a question about the FortiGate FortiGate-3000 and is the answer not in the manual?
Questions and answers