Network Device Installation and Configuration Guide

ManualsBrandsFortinet ManualsNetwork CardFortiGate 100

161

162

163

164

165

166

167

168

169

170

170 Fortinet Inc.

Default content profiles Firewall configuration

Default content profiles

The FortiGate unit has the following four default content profiles under Firewall >

Content Profile. You can use these existing content profiles or create your own:

Adding a content profile

If the default content profiles do not provide the protection that you require, you can

create new content profiles customized to your requirements.

1 Go to Firewall > Content Profile.

2 Select New.

3 Type a Profile Name.

4 Enable antivirus protection options.

5 Enable Web filtering options.

6 Enable Email filter protection options.

Strict To apply maximum content protection to HTTP, FTP, IMAP, POP3, and

SMTP content traffic. You would not use the strict content profile under

normal circumstances, but it is available if you are having extreme problems

with viruses and require maximum content screening protection.

Scan Apply antivirus scanning to HTTP, FTP, IMAP, POP3, and SMTP content

traffic.

Web Apply antivirus scanning and Web content blocking to HTTP content traffic.

You can add this content profile to firewall policies that control HTTP traffic.

Unfiltered Use the unfiltered content profile if you do not want to apply any content

protection to content traffic. You can add this content profile to firewall

policies for connections between highly trusted or highly secure networks

where content does not need to be protected.

Anti Virus Scan Scan web, FTP, and email traffic for viruses and worms. See “Antivirus

scanning” on page 232.

File Block Delete files with blocked file patterns even if they do not contain

viruses. You should only enable file blocking when a virus has been

found that is so new that virus scanning does not detect it. See “File

blocking” on page 233.

Note: If both virus Scan and File Block are enabled, the FortiGate unit blocks files that match

enabled file patterns before they are scanned for viruses.

Web URL Block Block unwanted web pages and web sites. This option adds Fortinet

URL blocking (see “URL blocking” on page 237) and Cerberian URL

filtering (see “Using the Cerberian web filter” on page 240) to HTTP

traffic accepted by a policy.

Web Content Block Block web pages that contain unwanted words or phrases. See

“Content blocking” on page 236.

Web Script Filter Remove scripts from web pages. See “Script filtering” on page 242.

Web Exempt List Exempt URLs from web filtering and virus scanning. See “Exempt

URL list” on page 243.

Email Block List Add a subject tag to email from unwanted addresses. See “Email

block list” on page 247.

Email Exempt List Exempt sender address patterns from email filtering. See “Email

exempt list” on page 247.