Protection Profile List; Default Protection Profiles - Fortinet FortiGate FortiGate-5001 Administration Manual

Firewall

Protection profile list

Default protection profiles

FortiGate-5000 series Administration Guide
Figure 110:Sample list showing the default protection profiles
The Protection Profile list has the following icons and features.
Create New Select Create New to add a protection profile.
Delete Remove a protection profile from the list.
Edit Modify an existing protection profile.
Note: You cannot delete a protection profile (the Delete icon is not visible) if it is selected in a
firewall policy or included in a user group.
The FortiGate unit comes preconfigured with four protection profiles.
Strict To apply maximum protection to HTTP, FTP, IMAP, POP3, and SMTP traffic.
You may not wish to use the strict protection profile under normal
circumstances but it is available if you have extreme problems with viruses
and require maximum screening.
Scan To apply virus scanning to HTTP, FTP, IMAP, POP3, and SMTP traffic.
Quarantine is also selected for all content services. On FortiGate models
with a hard disk, if antivirus scanning finds a virus in a file, the file is
quarantined on the FortiGate hard disk. If required, system administrators
can recover quarantined files.
Web To apply virus scanning and web content blocking to HTTP traffic. You can
add this protection profile to firewall policies that control HTTP traffic.
Unfiltered To apply no scanning, blocking or IPS. Use the unfiltered content profile if
you do not want to apply content protection to content traffic. You can add
this protection profile to firewall policies for connections between highly
trusted or highly secure networks where content does not need to be
protected.
01-28008-0013-20050204
Protection profile
233