Default content profiles | Firewall configuration |
|
|
Default content profiles
The FortiGate unit has the following four default content profiles under Firewall >
Content Profile. You can use these existing content profiles or create your own:
Strict | To apply maximum content protection to HTTP, FTP, IMAP, POP3, and |
| SMTP content traffic. You would not use the strict content profile under |
| normal circumstances, but it is available if you are having extreme problems |
| with viruses and require maximum content screening protection. |
Scan | Apply antivirus scanning to HTTP, FTP, IMAP, POP3, and SMTP content |
| traffic. |
Web | Apply antivirus scanning and Web content blocking to HTTP content traffic. |
| You can add this content profile to firewall policies that control HTTP traffic. |
Unfiltered | Use the unfiltered content profile if you do not want to apply any content |
| protection to content traffic. You can add this content profile to firewall |
| policies for connections between highly trusted or highly secure networks |
| where content does not need to be protected. |
Adding a content profile
If the default content profiles do not provide the protection that you require, you can create new content profiles customized to your requirements.
1Go to Firewall > Content Profile.
2Select New.
3Type a Profile Name.
4Enable antivirus protection options.
Anti Virus Scan Scan web, FTP, and email traffic for viruses and worms. See “Antivirus
| scanning” on page 232. |
File Block | Delete files with blocked file patterns even if they do not contain |
| viruses. You should only enable file blocking when a virus has been |
| found that is so new that virus scanning does not detect it. See “File |
| blocking” on page 233. |
Note: If both virus Scan and File Block are enabled, the FortiGate unit blocks files that match enabled file patterns before they are scanned for viruses.
5Enable Web filtering options.
Web URL Block Block unwanted web pages and web sites. This option adds Fortinet
URL blocking (see “URL blocking” on page 237) and Cerberian URL filtering (see “Using the Cerberian web filter” on page 240) to HTTP traffic accepted by a policy.
Web Content Block Block web pages that contain unwanted words or phrases. See “Content blocking” on page 236.
Web Script Filter Remove scripts from web pages. See “Script filtering” on page 242.
Web Exempt List Exempt URLs from web filtering and virus scanning. See “Exempt URL list” on page 243.
6Enable Email filter protection options.
Email Block List Add a subject tag to email from unwanted addresses. See “Email
block list” on page 247.
Email Exempt List Exempt sender address patterns from email filtering. See “Email exempt list” on page 247.
170 | Fortinet Inc. |
