While Security policy rules enable you to allow or block traffic on your network,
Security profiles help you define an
allow but scan rule, which scans
allowed applications for threats, such as viruses, malware, spyware, and DDOS
attacks. When traffic matches the allow rule defined in the Security policy, the
Security profile(s) that are attached to the rule are applied for further content
inspection rules such as antivirus checks and data filtering.