Fortinet Document Library

Version:

Version:


Table of Contents

Administration Guide

Download PDF
Copy Link

Filter example

User/host profiles contain filters to narrow the group of hosts or users that match a particular profile. This allows you to create special profiles for certain hosts or users and filter by host, adapter or user criteria. For example, if you had hosts that were running on different operating systems, you might want to have a special profile for each operating system. By filtering for the operating system, you could provide different treatment for each type of host without having to create and maintain special host groups.

Filter examples

Filters are based on Host, Adapter or User attributes and can be applied such that the host or user must meet all criteria or only some criteria. Within the Who/What by Attribute filter, the user/host must match all of the data specified. If there are multiple Who/What by Attribute filters, the user/host must match all of the data specified in only one of the filters.

Assume that you want to create user/host profile A to handle rogue hosts by operating system. In this case, the host must meet the following criteria to match user/host profile A:

  • Location = Connected to a device in Device Group A
  • Host Filter = Running a Windows operating system and is a Rogue (not registered).

In the second example, the user/host profile contains two options under Who/What by Attribute. The first filter requires that the host state be Safe and Authenticated. The second filter requires that the host be a VPN client. In this case the host must meet the following criteria to match the user/host profile:

  • Location = Connected to a device in Device Group A
  • Host Filter = One of the following sets of options from the filters:
    • Host must be Safe and Authenticated
    • Host must be a VPN Client

Filter example

User/host profiles contain filters to narrow the group of hosts or users that match a particular profile. This allows you to create special profiles for certain hosts or users and filter by host, adapter or user criteria. For example, if you had hosts that were running on different operating systems, you might want to have a special profile for each operating system. By filtering for the operating system, you could provide different treatment for each type of host without having to create and maintain special host groups.

Filter examples

Filters are based on Host, Adapter or User attributes and can be applied such that the host or user must meet all criteria or only some criteria. Within the Who/What by Attribute filter, the user/host must match all of the data specified. If there are multiple Who/What by Attribute filters, the user/host must match all of the data specified in only one of the filters.

Assume that you want to create user/host profile A to handle rogue hosts by operating system. In this case, the host must meet the following criteria to match user/host profile A:

  • Location = Connected to a device in Device Group A
  • Host Filter = Running a Windows operating system and is a Rogue (not registered).

In the second example, the user/host profile contains two options under Who/What by Attribute. The first filter requires that the host state be Safe and Authenticated. The second filter requires that the host be a VPN client. In this case the host must meet the following criteria to match the user/host profile:

  • Location = Connected to a device in Device Group A
  • Host Filter = One of the following sets of options from the filters:
    • Host must be Safe and Authenticated
    • Host must be a VPN Client