(vdom1)# config antivirus profile
(profile) edit new-av-profile
(new-av-profile) set ?
comment <----- Comment.
replacemsg-group <----- Replacement message group customized for this profile.
feature-set <----- Flow/proxy feature set.
mobile-malware-db <----- Enable/disable using the mobile malware signature database.
av-virus-log <----- Enable/disable AntiVirus logging.
av-block-log <----- Enable/disable logging for AntiVirus file blocking.
extended-log <----- Enable/disable extended logging for antivirus.
(new-av-profile) set feature-set ?
flow <----- Flow feature set.
proxy <----- Proxy feature set.
(new-av-profile) set feature-set proxy
(new-av-profile) # show
# config antivirus profile
edit "new-av-profile"
set feature-set proxy
next
end
(vdom1)# config webfilter profileTo configure the Email Filter security profile from CLI.
(profile) edit new-wf-profile
(new-wf-profile) set ?
comment <----- Optional comments.
feature-set <----- Flow/proxy feature set.
replacemsg-group <----- Replacement message group.
options <----- Options.
...
(new-wf-profile) set feature-set ?
flow <----- Flow feature set.
proxy <----- Proxy feature set.
(new-wf-profile) set feature-set proxy
(new-wf-profile) # show
# config webfilter profile
edit "new-wf-profile"
set feature-set proxy
# config ftgd-wf
unset options
# config filters
...
end
end
next
end
(vdom1) # config emailfilter profileTo configure the DLP security profile From CLI.
(profile) edit new-ef-profile
(new-ef-profile) set ?
comment <----- Comment.
feature-set <----- Flow/proxy feature set.
replacemsg-group <----- Replacement message group.
spam-log <----- Enable/disable spam logging for email filtering.
spam-log-fortiguard-response <----- Enable/disable logging FortiGuard spam response.
spam-filtering <----- Enable/disable spam filtering.
external <----- Enable/disable external Email inspection.
options <----- Options.
spam-bword-threshold <----- Spam banned word threshold.
spam-bword-table <----- Anti-spam banned word table ID.
spam-bwl-table <----- Anti-spam black/white list table ID.
spam-mheader-table <----- Anti-spam MIME header table ID.
spam-rbl-table <----- Anti-spam DNSBL table ID.
spam-iptrust-table <----- Anti-spam IP trust table ID.
(new-ef-profile) set feature-set ?
flow <----- Flow feature set.
proxy <----- Proxy feature set.
(new-ef-profile) set feature-set proxy
(new-ef-profile) # show
# config emailfilter profile
edit "new-ef-profile"
set feature-set proxy
next
end
FGT_NAT (vdom1) # config dlp sensorTo configure Protocol Options in Policy & Objects from CLI.
FGT_NAT (sensor) edit new-dlp-profile
FGT_NAT (new-dlp-profile) set ?
comment <----- Comment.
feature-set <----- Flow/proxy feature set.
replacemsg-group <----- Replacement message group used by this DLP sensor.
dlp-log <----- Enable/disable DLP logging.
extended-log <----- Enable/disable extended logging for data leak prevention.
nac-quar-log <----- Enable/disable NAC quarantine logging.
full-archive-proto <----- Protocols to always content archive.
summary-proto <----- Protocols to always log summary.
(new-dlp-profile) set feature-set ?
flow <----- Flow feature set.
proxy <----- Proxy feature set.
(new-dlp-profile) set feature-set proxy
(new-dlp-profile) # show
# config dlp sensor
edit "new-dlp-profile"
set feature-set proxy
next
end
(vdom1) # config firewall profile-protocol-options
(profile-protocol~ons) edit new-protocol-options
FGT_NAT (new-protocol-options) set ?
comment <----- Optional comments.
feature-set <----- Flow/proxy feature set.
replacemsg-group <----- Name of the replacement message group to be used.
oversize-log <----- Enable/disable logging for antivirus oversize file blocking.
switching-protocols-log <----- Enable/disable logging for HTTP/HTTPS switching protocols.
rpc-over-http <------ Enable/disable inspection of RPC over HTTP.
(new-protocol-options) set feature-set ?
flow <----- Flow feature set.
proxy <----- Proxy feature set.
(new-protocol-options) set feature-set proxy
FGT_NAT (new-protocol-options) # show
# config firewall profile-protocol-options
edit "new-protocol-options"
set feature-set proxy
# config http
set ports 80
unset options
unset post-lang
end
# config ftp
set ports 21
set options splice
end
# config imap
set ports 143
set options fragmail
end
...
next
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.