Set Up or Override a Default Security Profile Group

Use the following options to set up a default security profile group to be used in new security policies, or to override an existing default group. When an administrator creates a new security policy, the default profile group will be automatically selected as the policy’s profile settings, and traffic matching the policy will be checked according to the settings defined in the profile group (the administrator can choose to manually select different profile settings if desired). Use the following options to set up a default security profile group or to override your default settings.
If no default security profile exists, the profile settings for a new security policy are set to
None
by default.
  • Create a security profile group.
    1. Select
      Objects
      Security Profile Groups
      and Add a new security profile group.
    2. Give the profile group a descriptive
      Name
      , for example, Threats.
    3. If the firewall is in Multiple Virtual System Mode, enable the profile to be
      Shared
      by all virtual systems.
    4. Add existing profiles to the group. For details on creating profiles, see Security Profiles.
      profile-group.png
    5. Click
      OK
      to save the profile group.
    6. Add the security profile group to a security policy.
    7. Add
      or modify a security policy rule and select the
      Actions
      tab.
    8. Select
      Group
      for the
      Profile Type
      .
    9. In the
      Group Profile
      drop-down, select the group you created (for example, select the Threats group):
      policy-profile-group.png
    10. Click
      OK
      to save the policy and
      Commit
      your changes.
  • Set up a default security profile group.
    1. Select
      Objects
      Security Profile Groups
      and add a new security profile group or modify an existing security profile group.
    2. Name
      the security profile group
      default
      :
      security-profile-group-default.png
    3. Click
      OK
      and
      Commit
      .
    4. Confirm that the default security profile group is included in new security policies by default:
      1. Select
        Policies
        Security
        and
        Add
        a new security policy.
      2. Select the
        Actions
        tab and view the
        Profile Setting
        fields:
        policy-profile-setting-default.png
        By default, the new security policy correctly shows the
        Profile Type
        set to Group and the default
        Group Profile
        is selected.
  • Override a default security profile group.
    If you have an existing default security profile group, and you do not want that set of profiles to be attached to a new security policy, you can continue to modify the Profile Setting fields according to your preference. Begin by selecting a different Profile Type for your policy (
    Policies
    Security
    Security Policy Rule
    Actions
    ).

Related Documentation