Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ahirameno
New Contributor

Question regarding IPS profiles on firewall policies

Hello there forum.

I was wondering if anyone could give me an explanation on when to use the different IPS profiles.

I see in the FortiGate firewall policies by default has

"Protect_Client"
"High_Security"
And I can create like a "Protect_servers"

I am a bit unsure, as I cannot find anywhere in the documentation when to use what.

 

Let's say I create a firewall rule from my Client network towards the internet. Does that mean I need to use the "Protect_Client" policy?

And also, I have multiple VLANS, a client network and server network. Should I use the "Protect_Server" in this case, as the clients are communicating with the servers?

Hope anyone can clarify :)

have a great weekend!

2 REPLIES 2
Anthony_E
Community Manager
Community Manager

Hello ahirameno,

 

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

 

Regards,

Anthony-Fortinet Community Team.
akumarr
Staff
Staff

Dear ahirameno,

Thank you for using the Community Forum.

Kindly use the default profile  for lan to wan policy, but again you may need to fine tune the policy as per your requirement and as per the traffic,
For example, if you Lan users mostly use internet to connect the SSH server's  then you could need to finetune the profile and you would need to allow/block the SSH based signatures.

Best regards,
ARUNKUMAR.R.