The firewall supports the ability
to create Security Profile groups
, which specify sets of Security Profiles that can be treated as a unit and then added to security policies. For example, you can create a “threats” Security Profile group that includes profiles for Antivirus, Anti-Spyware, and Vulnerability Protection and then create a Security policy that includes the “threats” profile.
Antivirus, Anti-Spyware, Vulnerability
Protection, URL filtering, and file blocking profiles that are often assigned together can be combined into profile groups to simplify the creation of security policies.
To define a new Security Profile, select
Objects > Security Profiles.
The following table describes the Security Profile settings.
Security Profile Group Setting
Description
Name
Enter the profile group name (up to 31 characters). This name appears in the profiles list when defining security policies. The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores.
Shared
Select this option if you want the profile group to be available to:
Every virtual system (vsys) on a multi-vsys firewall. If you clear this selection, the profile group will be available only to the
Virtual System
selected in the
Objects
tab.
Every device group on Panorama. If you clear this selection, the profile group will be available only to the
Device Group
selected in the
Objects
tab.
Disable override
(
Panorama only
)
Select this option if you want to prevent administrators from creating local copies of the profile group in descendant device groups by overriding its inherited values. This selection is cleared by default, which means overriding is enabled.
Profiles
Select an Antivirus, Anti-Spyware, Vulnerability Protection, URL filtering, and/or file blocking profile to be included in this group. Data filtering profiles can also be specified in Security Profile groups. Refer to
Objects > Security Profiles > Data Filtering.