Security profiles
Security profiles collect pre-configured intrusion detection profiles into a re-usable group. After a security profile is created it can be further customized.
Go to Configuration > Security Profiles to view the list of configured security profiles.
Security profiles have the following basic options:
Item | Description |
---|---|
Name | Enter a unique name for the security profile. |
DNS Filter |
Enable or disable DNS filters. |
Known Bad IP Blocking |
Enable or disable filters to block or monitor known bad addresses. |
Intrusion Prevention |
Enable or disable intrusion prevention system (IPS). |
The security profile is created with a default set of options.
Editing security profiles
To edit a security profile:
-
Select a security profile from the list and click Edit.
-
Click Customize in the appropriate filter profile.
DNS filter options
In order for DNS filtering to work, you must first configure your cloud environment. |
Item | Description |
---|---|
Redirect Botnet C&C to Block Portal | Enable or disable botnet redirection. |
FortiGuard Category Based Filters |
Enable or disable category filters. For each filter category, select the action:
|
Domain Filters |
Enable or disable domain filters, then add or edit filters and configure the following options. |
Domain |
Enter the domain to filter. |
Type |
Select the type of matching for the entered domain. |
Action |
Select the action:
|
Status |
Enable or disable this domain filter. |
DNS Translation |
Enable or disable DNS translation filters, then add or edit filters and configure the following options. |
Address Type |
Only IPv4 addresses are supported. This is not configurable. |
Destination |
Enter the destination IP address. |
Net Mask |
Enter the net mask. |
Source |
Enter the source IP address. |
Status |
Enable or disable this domain filter. |
Known Bad IP Blocking options
Item | Description |
---|---|
Block Malicious URLs |
Enable or disable blocking of malicious URLs. Select the action:
|
Block Command and Control server IPs |
Block known command and control server IPs. Select the action:
|
Intrusion Prevention options
Item | Description | ||
---|---|---|---|
IPS Profile |
Select the preset IPS profile to use. The profiles cannot be further configured.
For more information about signatures and the default actions for each, see the FortiGuard Threat Encyclopedia.
|