Virtual domains
Previously, if you enabled virtual domains (VDOMs) on your FortiGate unit, any Security Profiles configuration was limited to the VDOM in which you configured it.
Now Security Profiles can be configured globally across multiple VDOMs. In many VDOM environments, some or all profiles may be commonly-shared, for example an MSSP with "parental controls" configured will most likely have the same Web Filtering and Application Control profiles per VDOM.
Global profiles are configured under Global > Security Profiles in the GUI or under the following config global
commands in the CLI:
antivirus profile
application list
dlp sensor
ips sensor
webfilter profile
The name for any global profile must start with "g-" for identification. Global profiles are available as read-only for VDOM-level administrators and can only be edited or deleted from within the global settings.
Each security feature has at least one default global profile, available for all VDOMs.
Both Global security profile configuration and the various databases used by Security Profiles features are shared. The FortiGuard antivirus and IPS databases and updates to the databases are shared. The FortiGuard web filter and spam filter features access the FortiGuard distribution network and read the same information when checking email for spam and web site categories and classification.