Enable a Security Profile
A security profile is only active when these
two things are in place:
- The security profile is in a profile groupA profile group is a set of profiles—it can contain one profile from each profile type.
- A security rule is referencing the profile groupWhen a security rule is referencing a profile group, you can make updates to the individual profiles and the group without editing the security rule. The security rule automatically enforces your changes, without requiring you to make a policy commit.
To enable
a security profile:
- Use the profile’s dashboard to create and manage your profiles ().
- Review the best practice profiles.
- Add a new profile.
- Update existing profiles.Several profiles include inline access to resources you can use to inform your updates, including the latest threat content relesae updtes, the Threat Vault threat database, and PAN-DB, the URL Filtering cloud database.
- Create and manage overrides—Overrides give you a way to specify that a profile treats certain traffic differently than it would by default.
- Add the profile to a profile group ( ).A profile group is a collection of profiles, and it can include one profile from each type.
- Reference the profile group in a security rule.A security profile is active only when it’s in a profile group, that’s attached to a security rule.
