Firewall configuration

Content profiles

 

 

Default content profiles

The FortiGate unit has the following four default content profiles that are displayed on the Firewall Content Profile page. You can use the default content profiles or create your own.

Strict

To apply maximum content protection to HTTP, FTP, IMAP, POP3, and

 

SMTP content traffic. You would not use the strict content profile under

 

normal circumstances but it is available if you have extreme problems with

 

viruses and require maximum content screening protection.

Scan

To apply antivirus scanning to HTTP, FTP, IMAP, POP3, and SMTP content

 

traffic.

Web

To apply antivirus scanning and web content blocking to HTTP content

 

traffic. You can add this content profile to firewall policies that control HTTP

 

traffic.

Unfiltered

Use if you do not want to apply content protection to content traffic. You can

 

add this content profile to firewall policies for connections between highly

 

trusted or highly secure networks where content does not need to be

 

protected.

Adding content profiles

If the default content profiles do not provide the protection that you require, you can create custom content profiles.

To add a content profile

1Go to Firewall > Content Profile.

2Select New.

3Type a Profile Name.

4Enable the antivirus protection options that you want.

Anti Virus Scan

Scan web, FTP, and email traffic for viruses and worms. See “Antivirus

 

scanning” on page 226.

File Block

Delete files with blocked file patterns even if they do not contain

 

viruses. Enable file blocking when a virus has been found that is so

 

new that virus scanning does not detect it. See “File blocking” on

 

page 227.

Note: If both Anti Virus Scan and File Block are enabled, the FortiGate unit blocks files that match enabled file patterns before they are scanned for viruses.

5Enable the web filtering options that you want.

Web URL Block Block unwanted web pages and web sites. This option adds

FortiGate Web URL blocking (see “Configuring FortiGate Web URL blocking” on page 235), FortiGate Web Pattern blocking (see “Configuring FortiGate Web pattern blocking” on page 237), and Cerberian URL filtering (see “Configuring Cerberian URL filtering” on page 238) to HTTP traffic accepted by a policy.

Web Content Block Block web pages that contain unwanted words or phrases. See “Content blocking” on page 232.

Web Script Filter Remove scripts from web pages. See “Script filtering” on page 240.

FortiGate-50A Installation and Configuration Guide

167

Page 167
Image 167
Fortinet 50A user manual Default content profiles, Adding content profiles, 167