Firewall Protection Profile What is a protection profile?
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 479
http://docs.fortinet.com/ • Feedback
Firewall Protection Profile
Protection profiles contain settings for many application layer and other types of
protection, such as antivirus, web filtering, and logging, that you can apply to a firewall
policy. For information on applying a protection profile to a firewall policy, see “Configuring
firewall policies” on page 391.
If you enable virtual domains (VDOMs) on the FortiGate unit, firewall protection profiles
are configured separately for each virtual domain. For more information, see “Using virtual
domains” on page 159.
This section contains the following topics:
• What is a protection profile?
• Adding a protection profile to a firewall policy
• Default protection profiles
• Viewing the protection profile list
• SSL content scanning and inspection
• Configuring a protection profile
What is a protection profile?
A protection profile is a group of settings that you can apply to one or more firewall
policies.
Because protection profiles can be used by more than one firewall policy, you can
configure one protection profile for the traffic types handled by a set of firewall policies
requiring identical protection levels and types, rather than repeatedly configuring those
same protection profile settings for each individual firewall policy.
For example, while traffic between trusted and untrusted networks might need strict
protection, traffic between trusted internal addresses might need moderate protection. To
provide the different levels of protection, you might configure two separate protection
profiles: one for traffic between trusted networks, and one for traffic between trusted and
untrusted networks.
You can use protection profiles to configure:
• antivirus protection
• web filtering
• FortiGuard Web Filtering
• email filtering
•IPS
• data leak prevention sensor
• dashboard statistics
Note: If the firewall policy requires authentication, do not select the protection profile in the
firewall policy. The protection profile is specific to the authenticating user group. For details
on configuring the protection profile associated with the user group, see “Configuring a user
group” on page 669.
To Next Page
Loading...
Need help?
General