Security Profiles

Network Security

Security Profiles

Table of Contents

Security Profiles

Where Can I Use This?
What Do I Need?
  • NGFW (Cloud Managed)
  • NGFW (PAN-OS & Panorama Managed)
  • Prisma Access (Cloud Managed)
  • Prisma Access (Panorama Managed)
Check for any license or role requirements for the products you're using:
  • Prisma Access license or AIOps for NGFW license
  • Additionally, certain features may require Advanced WildFire, Advanced URL Filtering, Advanced Threat Prevention, or DNS Security license
While Security policy rules enable you to allow or block traffic on your network, Security profiles help you define an allow but scan rule, which scans allowed applications for threats, such as viruses, malware, spyware, and DDOS attacks. When traffic matches the allow rule defined in the Security policy, the Security profile(s) that are attached to the rule are applied for further content inspection rules such as antivirus checks and data filtering.
Security profiles are the only profiles that attach to security policy rules. Profiles and the policies that they attach to must be of the same type.
Security profiles are not used in the match criteria of a traffic flow. The Security profile is applied to scan traffic after the application or category is allowed by the Security policy.
You can use out of the box default Security profiles to begin protecting your network from threats. See Set Up a Basic Security Policy for information on using the default profiles in your Security policy.
For recommendations on the best-practice settings for Security profiles, see Create Best Practice Security Profiles for the Internet Gateway.

Recommended For You