Fortinet 5.0 Patch 6 Configuring a protection profile for an out-of-band topology or asynchronous mode of operation

Fortinet 477 FortiWeb 5.0 Patch 6 Administration Guide

To view or modify a component without leaving the page, next to the drop-down menu

where you have selected the component, click Detail.

5. Click OK.

6. If you intend to use this protection profile in conjunction with an auto-learning profile in order

to indicate which attacks and other aspects should be discovered, also configure the

auto-learning profile. For details, see “Configuring an auto-learning profile” on page 177.

7. To apply the inline protection profile, select it in a server policy. For details, see “How

operation mode affects server policy behavior” on page 463.

See also

•How operation mode affects server policy behavior

•HTTP sessions & security

•Configuring a server policy

Configuring a protection profile for an out-of-band topology or asynchronous mode of operation

Offline protection profiles combine previously configured rules, profiles, and policies into a

comprehensive set that can be applied by a policy. Offline protection profiles contain only the

features that are supported in out-of-band topologies and asynchronous inspection, which will

be used with operation modes such as transparent inspection and offline protection.

Offline protection profiles’ primary purpose is to detect attacks, especially for use in

conjunction with auto-learning profiles. Depending on the routing and network load, due to

limitations inherent to out-of-band topologies and asynchronous inspection, FortiWeb may not

be able to reliably block all of the attacks it detects, even if you have configured FortiWeb with

an Action setting of Alert & Deny. In fact, if used in conjunction with auto-learning profiles, you

Redirect URL With

Reason

Enable to include the reason for redirection as a parameter in the

URL, such as

reason=Parameter%20Validation%20Violation, when traffic

has been redirected using Redirect URL. The FortiWeb appliance also

adds fortiwaf=1 to the URL to detect and cancel a redirect loop (if

the redirect action would otherwise recursively triggers an attack

event).

By default, this option is disabled.

Caution: If the FortiWeb appliance is protecting a redirect URL,

enable this option to prevent infinite redirect loops.

Data Analytics Enable to gather hit, attack, and traffic volume statistics for each

server policy that includes this profile. See “Configuring policies to

gather data” on page 598 and “Viewing web site statistics” on

page 599.

Note: This option cannot be enabled until you have uploaded a

geography-to-IP mapping database. See “Updating data analytics

definitions” on page 598.

Setting name Description