Chapter 7. Security
7.2 Security Profile
Learning Objectives
- Configure a Security Profile
Scenario: In this lab, we are going to become familiar with different types of Security Profile such as AntiVirus, File Filter, IPS and DNS Filter. WebTerm2 acts as a local computer and we set a Security Profile on traffic passing from Port2 to Port1.
- We will continue the previous scenario and set up a DHCP server on port2.
- Go to security profile > Anti-Virus, create a new profile:
- Name: myantivirus
- Scan Mode: full
- Inspection Protocol: HTTP, SMTP, IMAP, POP3, FTP
- Create a Firewall policy:
- Name: Port2-to-Port1
- Incoming Interface: Port2
- Outgoing interface: port1
- Source, Destination, Service: all
- Security Profile: myantivirus
- Go to Security Profile > File Filter, Create a new profile:
- Name: MyFileFilter
- Create a New Filter rule
- Name: Block-PDF-ZIP
- Protocols: HTTP-FTP
- File Type: PDF-ZIP
- Action: Block
- Direction: any
- Set the firewall Policy to Proxy mode.
- Go to Policy & Objects > Firewall Policy and assign MyFileFilter to the “Port2-to-Port1” policy.
- Go to http://talebi.ca/wp-content/uploads/2021/11/prtgdesktop.pdf and verify your result.
- Go to Security Profile > Intrusion Prevention, create a new profile:
- Name: MyIPS
- Add Signature: AAEH Botnet, Acuntix Web Vulnerability Scanner, Adobe Flash Player CSRF
- Go to Policy & Objects > Firewall Policy and assign MyIPS to the “Port2-to-Port1” policy.
- Go to Security Profile > DNS Filter, create a new profile:
- Name: MyDNS
- FortiGate Category Based Filter:
- Bandwidth Consuming: Peer-to-Peer File Sharing: Block, Internet Radio and TV: Block
You can verify your configuration by visiting http://talebi.ca.
Verify your Log & Report > DNS Query.