Firewall Protection Profile Configuring a protection profile
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 489
http://docs.fortinet.com/ • Feedback
Anti-Virus options
You can apply antivirus options through a protection profile for the HTTP, SMTP, POP3,
IMAP, NNTP, and content protocols.
If your FortiGate unit includes SSL content inspection and filtering, you can also apply
antivirus scanning options through a protection profile for HTTPS, IMAPS, POP3S, and
SMTPS content protocols. For more information, see “SSL content scanning and
inspection” on page 481.
To configure antivirus options, go to Firewall > Protection Profile. Select Create New to
add a protection profile, or the Edit icon beside an existing protection profile. Then select
the Expand Arrow beside Anti-Virus, enter the information as described below, and select
OK. For more antivirus configuration options, see “AntiVirus” on page 517.
HTTPS Content Filtering Mode If your FortiGate unit supports SSL content scanning and
inspection, you can select the content filtering mode used for
HTTPS traffic. The mode can be:
URL Filtering This option limits HTTPS content filtering to URL filtering only. If
you select this option the FortiGate unit does not perform SSL
content scanning and inspection of HTTPS traffic. Instead the
FortiGate unit just applies web filtering to HTTPS URLs. Also, if
you select URL Filtering, you cannot select any Anti-Virus options
for HTTPS. Under Web Filtering you can select only Web URL
Filter and Block invalid URLs for HTTPS. Selecting URL Filtering
also limits the FortiGuard Web Filtering options that you can
select for HTTPS.
Deep Scan (Decryption on
SSL Traffic)
Select this option to apply full SSL content scanning and
inspection of HTTPS traffic.
Protocol The names of the content protocols that you can configure
recognition for: HTTP, HTTPS, SMTP, POP3, IMAP, NNTP, and
FTP.
If your FortiGate unit supports SSL content scanning and
inspection the content protocols also include SMTPS, POP3S,
and IMAPS.
Monitored Ports The port numbers that the protection profile monitors for each
content protocol. You can select multiple port numbers to monitor
for each content protocol. For HTTP, SMTP, POP3, IMAP, NNTP,
and FTP you can also select Inspect All Ports to monitor all ports
for these content protocols. Monitoring all ports means the
protection profile uses protocol recognition techniques to
determine the protocol of a communication session independent
of the port number that the session uses.
Edit icon Select Edit for a content protocol to configure how the protection
profile monitors traffic for that content protocol. Select one of the
following options:
Inspect All Ports Select to monitor all ports for the content protocol. This option is
available for HTTP, SMTP, POP3, IMAP, NNTP, and FTP.
Specify Ports Select this option and then enter the port numbers to monitor for
the content protocol. You can specify up to 20 ports for each
content protocol.
Note: You cannot select Anti-Virus options for HTTPS if under protocol recognition HTTPS
Content Filtering Mode is set to URL Filtering. For more information, see “Protocol
recognition options” on page 487.
To Next Page
Loading...
Need help?
General
