Enable a Security Profile

A security profile is only active when these two things are in place:
  • The security profile is in a profile group
    A profile group is a set of profiles—it can contain one profile from each profile type.
  • A security rule is referencing the profile group
    When a security rule is referencing a profile group, you can make updates to the individual profiles and the group without editing the security rule. The security rule automatically enforces your changes, without requiring you to make a policy commit.
To enable a security profile:
  1. Use the profile’s dashboard to create and manage your profiles (
    Security Services
    Choose Your Profile Type
    • Review the best practice profiles.
    • Add a new profile.
    • Update existing profiles.
      Several profiles include inline access to resources you can use to inform your updates, including the latest threat content relesae updtes, the Threat Vault threat database, and PAN-DB, the URL Filtering cloud database.
    • Create and manage overrides—Overrides give you a way to specify that a profile treats certain traffic differently than it would by default.
  2. Add the profile to a profile group (
    Security Services
    Profile Groups
    A profile group is a collection of profiles, and it can include one profile from each type.
  3. Reference the profile group in a security rule.
    A security profile is active only when it’s in a profile group, that’s attached to a security rule.

Recommended For You