Even though a Security policy rule allows
a packet, this does not mean that the traffic is free of threats. To
enable the firewall to scan the traffic that it allows based on
a Security policy rule, you must also attach
Security
Profiles—including URL Filtering, Antivirus, Anti-Spyware,
File Blocking, and WildFire Analysis—to each rule (the profiles
you can use depend on which
Subscriptions you purchased).
When creating your basic Security policy, use the predefined security
profiles to ensure that the traffic you allow into your network
is being scanned for threats. You can customize these profiles later
as needed for your environment.