While Security policy rules enable you to allow or block traffic
on your network, Security profiles help you define an
allow
but scan rule, which scans allowed applications for threats,
such as viruses, malware, spyware, and DDOS attacks. When traffic
matches the allow rule defined in the Security policy, the Security
profile(s) that are attached to the rule are applied for further
content inspection rules such as antivirus checks and data filtering.