ProtectionProtectionProfilesProfiles
2
Fortinet Technologies
Protection Profiles
Protection profiles control the type of traffic protected
HTTP FTP IMAP POP3 SMTP
the type of antivirus and intrusion protection enabled
the treatment of fragmented email and oversized files or email
3
Fortinet Technologies
Default Protection Profiles
Your FortiGate unit comes with four default protection profiles:
Strict Scan Web Unfiltered
4
Fortinet Technologies
Protection Profile Configuration
Configure the following for each protection profile: antivirus web filtering web content filtering spam filtering IPS logging
5
Fortinet Technologies
Protection Profile - Antivirus
Enable Virus Scan File Block
Action on oversized files and email
Firewall > Protection Profile > Create New
6
Fortinet Technologies
Protection Profile – Web Filtering
Enable Web Content Block Web URL Block
Web Exempt List Web Script Filter
7
Fortinet Technologies
Protection Profile – FortiGuard Category Filtering
8
Fortinet Technologies
FortiGuard Category Filtering
Enable category blocking Block unrated web sites Allow web sites when a rating error occurs Set Action for each category
9
Fortinet Technologies
Protection Profile – Spam Filtering
10
Fortinet Technologies
Protection Profile – Spam Filtering (1)
Enable checks for IP addresses Listing on RBL and ORDBL databases Reverse DNS lookup (SMTP only) Email addresses Return email DNS lookup MIME headers Banned words
11
Fortinet Technologies
Protection Profile – Spam Filtering (2)
Set Spam Action Discard (SMTP only) Tagged Pass
Append message to subject line or MIME header (IMAP and POP3 only)
Enable logging
12
Fortinet Technologies
Reverse DNS Lookup (SMTP only)
Performed when a HELO command is received from the SMTP server
Checks the domain name against the actual IP address of the peer
13
Fortinet Technologies
Protection Profile - IPS
Enable IPS Signatures IPS Anomalies
14
Fortinet Technologies
Protection Profile – Content Log
Log content meta-information for HTTP FTP IMAP POP3 SMTP