Default content profiles, Adding content profiles, Default content profiles adding content profiles – Fortinet FortiGate 4000 User Manual

224

Fortinet Inc.

Content profiles

Firewall configuration

Default content profiles

The FortiGate unit has the following four default content profiles that are displayed on
the Firewall Content Profile page. You can use the default content profiles or create
your own.

Adding content profiles

If the default content profiles do not provide the protection that you require, you can
create custom content profiles.

To add a content profile

1

Go to Firewall > Content Profile.

2

Select New.

3

Type a Profile Name.

4

Enable the antivirus protection options that you want.

5

Enable the web filtering options that you want.

Strict

To apply maximum content protection to HTTP, FTP, IMAP, POP3, and

SMTP content traffic. You would not use the strict content profile under

normal circumstances but it is available if you have extreme problems with

viruses and require maximum content screening protection.

Scan

To apply antivirus scanning to HTTP, FTP, IMAP, POP3, and SMTP content

traffic.

Web

To apply antivirus scanning and web content blocking to HTTP content

traffic. You can add this content profile to firewall policies that control HTTP

traffic.

Unfiltered

Use if you do not want to apply content protection to content traffic. You can

add this content profile to firewall policies for connections between highly

trusted or highly secure networks where content does not need to be

protected.

Anti Virus Scan

Scan web, FTP, and email traffic for viruses and worms. See

“Antivirus

scanning” on page 282

.

File Block

Delete files with blocked file patterns even if they do not contain

viruses. Enable file blocking when a virus has been found that is so

new that virus scanning does not detect it. See

“File blocking” on

page 283

.

Note: If both Anti Virus Scan and File Block are enabled, the FortiGate unit blocks files that
match enabled file patterns before they are scanned for viruses.

Web URL Block

Block unwanted web pages and web sites. This option adds

FortiGate Web URL blocking (see

“Configuring FortiGate Web URL

blocking” on page 291

), FortiGate Web Pattern blocking (see

“Configuring FortiGate Web pattern blocking” on page 294

), and

Cerberian URL filtering (see

“Configuring Cerberian URL filtering” on

page 294

) to HTTP traffic accepted by a policy.

Web Content Block

Block web pages that contain unwanted words or phrases. See

“Content blocking” on page 288

.

Web Script Filter

Remove scripts from web pages. See

“Script filtering” on page 297

.