Fortinet black logo

Administration Guide

Home FortiProxy 7.0.0 Administration Guide
7.0.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

Profile Groups

Profile Groups

Profile groups are used to group security profiles of different types together, and can be used in policies instead of individual profiles.

To create a profile group in the GUI:

  1. Go to Security Profiles > Profile Groups and click Create New.

  2. Enter a name for the group.

  3. Select the Protocol Options from the drop-down list.

  4. Enable the required profile types and select a profile for each.

  5. Click OK.

To create a profile group in the CLI:
config firewall profile-group
    edit <name>
        set profile-protocol-options <options>
        set ssl-ssh-profile {certificate-inspection | custom-deep-inspection | deep-inspection | no-inspection}
        set av-profile <profile>
        set ia-profile <profile>
        set webfilter-profile <profile>
        set dnsfilter-profile <profile>
        set emailfilter-profile <profile>
        set dlp-sensor <sensor>
        set file-filter-profile <profile>
        set ips-sensor <sensor>
        set application-list <list>
        set icap-profile <profile>
        set cifs-profile <profile>
        set videofilter-profile <profile>
        set ssh-filter-profile <profile>
    next
end
To use a profile group in a policy:
config firewall policy
    edit <policy>
        set profile-type group
        set profile-group <group>
    next
end
Previous
Next

Profile Groups

Profile groups are used to group security profiles of different types together, and can be used in policies instead of individual profiles.

To create a profile group in the GUI:

  1. Go to Security Profiles > Profile Groups and click Create New.

  2. Enter a name for the group.

  3. Select the Protocol Options from the drop-down list.

  4. Enable the required profile types and select a profile for each.

  5. Click OK.

To create a profile group in the CLI:
config firewall profile-group
    edit <name>
        set profile-protocol-options <options>
        set ssl-ssh-profile {certificate-inspection | custom-deep-inspection | deep-inspection | no-inspection}
        set av-profile <profile>
        set ia-profile <profile>
        set webfilter-profile <profile>
        set dnsfilter-profile <profile>
        set emailfilter-profile <profile>
        set dlp-sensor <sensor>
        set file-filter-profile <profile>
        set ips-sensor <sensor>
        set application-list <list>
        set icap-profile <profile>
        set cifs-profile <profile>
        set videofilter-profile <profile>
        set ssh-filter-profile <profile>
    next
end
To use a profile group in a policy:
config firewall policy
    edit <policy>
        set profile-type group
        set profile-group <group>
    next
end
Previous
Next