Fortitip

February 26, 2019

hero image for the article

Have you ever wanted to group all your Fortigate security profiles together and apply them to your IPv4 policy as one group? Read on, and I will show you how to get this done.

By default, you must select each security profile independently in your IPv4 polices – Web, DNS, IPS, APP and so on. However, if you enable “dynamic profile display”, you can group your security profiles together and apply them to the IPv4 polices as a group.

Here’s how:

Step one: Enable the option in the CLI*

config system setting

set gui-dynamic-profile-display enable

end

*If you are in VDOM mode you must enter your appropriate VDOM first
Config VDOM
Edit <VDOM NAME>

Step two: Create the profile (logout and login again to make sure you get the GUI update)

Step three: Apply the group profile to the IPv4 policy

 

There you go! You can create profiles for different types of users and apply them simply and consistently over all the appropriate IPv4 policies. This is also helpful for pairing together security profiles for server protection.

Click here for Full CLI reference for profile groups:

 

Check back here for more tips on the Fortinet platforms from the IntegraONE security team.

Brad Rightmyer – NSE7 – Director Network and Security Services