FortiGate-3000 and FortiGate-3600 FortiOS 3.0MR4 Install Guide
28 01-30004-0270-20070215
Restoring the default settings Factory defaults
Factory default protection profiles
Use protection profiles to apply different protection settings for traffic controlled by
firewall policies. You can use protection profiles to:
• configure antivirus protection for HTTP, FTP, IMAP, POP3, and SMTP firewall
policies
• configure Web filtering for HTTP firewall policies
• configure Web category filtering for HTTP firewall policies
• configure spam filtering for IMAP, POP3 and SMTP firewall policies
• enable the Intrusion Protection System (IPS) for all services
• enable content logging for HTTP, FTP, IMAP, POP3, and SMTP firewall
policies
By using protection profiles, you can build protection configurations that can be
applied to different types of firewall policies. This allows you to customize types
and levels of protection for different firewall policies.
For example, while traffic between internal and external addresses might need
strict protection, traffic between trusted internal addresses might need moderate
protection. You can configure firewall policies for different traffic services to use
the same or different protection profiles.
Protection profiles can be added to NAT/Route mode and Transparent mode
firewall policies.
The FortiGate unit comes preconfigured with four protection profiles.
Restoring the default settings
You can revert to the factory default settings if you mistakenly change a network
setting and cannot recover from it.
Strict To apply maximum protection to HTTP, FTP, IMAP, POP3, and SMTP traffic.
You may not use the strict protection profile under normal circumstances but
it is available if you have problems with viruses and require maximum
screening.
Scan To apply antivirus scanning and file quarantining to HTTP, FTP, IMAP,
POP3, and SMTP content traffic.
Web To apply antivirus scanning and web content blocking to HTTP content
traffic. You can add this protection profile to firewall policies that control
HTTP traffic.
Unfiltered To apply no scanning, blocking or IPS. Use if you do not want to apply
content protection to content traffic. You can add this protection profile to
firewall policies for connections between highly trusted or highly secure
networks where content does not need to be protected.
Caution: This procedure deletes all changes you have made to the FortiGate configuration
and reverses the system to its original configuration, including resetting interface
addresses.
To Next Page
Loading...
Need help?
General