Security profiles

Welcome and thank you for selecting Fortinet products for your network protection.

The following chapter describes the Security Profile features available on your FortiGate unit, including antivirus, intrusion prevention system (IPS), web filtering, email filtering, data leak prevention (DLP), and application control. The guide includes step-by-step instructions showing how to configure each feature. Example scenarios are included, with suggested configurations.

Examples include scenarios using web filtering to protect users from inappropriate content, using IPS to protect web servers from attack, and using antivirus scanning to protect your network against viruses and malicious file attachments.

Before you begin

Before you begin using this guide, take a moment to note the following:

Administrators are assumed to be super_admin administrators unless otherwise specified. Some restrictions will apply to other administrators.

Firewall policies limit access, and, while this and other similar features are a vital part of securing your network, they are not covered in this guide.

If your FortiGate unit supports SSL acceleration, it also supports SSL content scanning and inspection for HTTPS, IMAPS, POP3S, and SMTPS traffic.

How this chapter is organized

This FortiOS Handbook chapter contains the following sections:

  • What's New in FortiOS 5.6 describes the new security profile features in FortiOS 5.6.
  • Inside FortiOS highlights the features and benefits of key FortiOS 5.6 components. The technical documentation team maintains these documents as part of the Handbook and as standalone documents which are available at Fortinet's Online Help. Inside FortiOS covers the following security profiles topics:
  • Security Profiles overview describes Security Profiles components and their relation to firewall policies, as well as SSL content scanning and inspection.
  • Inspection Modes discusses the FortiGate's inspection modes and how the security profiles function depending on inspection mode.
  • AntiVirus explains how the FortiGate unit scans files for viruses and describes how to configure the antivirus options.
  • Web filter describes basic web filtering concepts, FortiGuard Web Filtering, the order in which the FortiGate unit performs web filtering, and configuration.
  • DNS filter explains how to configure the Domain Name System (DNS) Filter security profile independent of the Web Filter security profile.
  • Application Control describes how your FortiGate unit can detect and take action against network traffic based on the application generating the traffic.
  • Intrusion prevention explains basic Intrusion Protection System (IPS) concepts and how to configure IPS options; includes guidance and a detailed table for creating custom signatures as well as several examples.
  • Anti-Spam filter explains how the FortiGate unit filters email, how to configure the filtering options, and which actions to take when spam is detected.
  • Data leak prevention describes the DLP features that allow you to prevent sensitive data from leaving your network and explains how to configure the DLP rules, compound rules, and sensors.
  • ICAP support describes how to offload traffic to a separate server specifically set up for the specialized processing of the traffic.
  • FortiClient Profiles addresses the FortiClient Profiles endpoint protection features and configuration.
  • SSL/SSH Inspection presents SSL and SSH content scanning and inspection with your FortiGate.
  • Custom Application & IPS Signatures describes how to create custom Application Control and IPS signatures.
  • Other Security Profiles considerations addresses topics such as Security Profiles VDOMs, conserve mode, using wildcards and Perl regular expressions, adding External Security Devices, and CPU allocation and tuning commands that survive a reboot.