#config-version=FG3K8A-4.00-FW-build646-121119:opmode=0:vdom=1:user=admin #conf_file_ver=1556659117942335023 #buildno=0646 #global_vdom=1 config vdom edit root end config vdom edit client end config vdom edit server end config vdom edit snat end config vdom edit traffic end config global config system global set access-banner disable set admin-concurrent enable set admin-https-pki-required disable set admin-lockout-duration 60 set admin-lockout-threshold 3 set admin-maintainer enable set admin-port 80 set admin-scp disable set admin-server-cert "self-sign" set admin-sport 443 set admin-ssh-grace-time 120 set admin-ssh-port 22 set admin-ssh-v1 disable set admin-telnet-port 23 set admintimeout 480 set anti-replay strict set auth-cert "self-sign" set auth-http-port 1000 set auth-https-port 1003 set auth-keepalive disable set auth-policy-exact-match enable set av-failopen pass set av-failopen-session disable set batch-cmdb enable set cfg-save automatic set check-protocol-header loose set check-reset-range disable set clt-cert-req disable set csr-ca-attribute enable set daily-restart disable set detection-summary enable set dst enable set endpoint-control-fds-access enable set endpoint-control-portal-port 8009 set explicit-proxy-auth-timeout 300 set fds-statistics enable set fwpolicy-implicit-log disable set fwpolicy6-implicit-log disable set gui-ap-profile enable set gui-central-nat-table disable set gui-dns-database disable set gui-dynamic-profile-display disable set gui-icap disable set gui-implicit-id-based-policy disable set gui-implicit-policy enable set gui-ipsec-manual-key disable set gui-ipv6 disable set gui-lines-per-page 50 set gui-load-balance enable set gui-object-tags enable set gui-policy-interface-pairs-view enable set gui-voip-profile disable set hostname "FG3K8A-4" set http-obfuscate modified set ip-src-port-range 1024-25000 set ipsec-hmac-offload enable set ipv6-accept-dad 1 set language english set lcdpin ENC XXVrg9a1cu6os set lcdprotection disable set ldapconntimeout 500 set log-user-in-upper disable set loglocaldeny disable set management-vdom "root" set max-sql-log-size 1024 set optimize antivirus set phase1-rekey enable set policy-auth-concurrent enable set proxy-worker-count 2 set radius-port 1812 set refresh 0 set registration-notification enable set remoteauthtimeout 5 set reset-sessionless-tcp disable set scanunit-count 3 set send-pmtu-icmp enable set service-expire-notification enable set sql-logging disable set strict-dirty-session-check disable set strong-crypto disable set tcp-halfclose-timer 120 set tcp-halfopen-timer 120 set tcp-option enable set tcp-timewait-timer 120 set timezone 28 set tos-based-priority medium set udp-idle-timer 180 set usb-lte disable set user-server-cert "self-sign" set vdom-admin enable set vip-arp-range restricted set wifi-ca-certificate "PositiveSSL_CA" set wifi-certificate "Fortinet_Wifi" set wimax-4g-usb disable set wireless-controller-port 5246 set fds-statistics-period 60 end config system accprofile edit "prof_admin" set admingrp read-write set authgrp read-write set endpoint-control-grp read-write set fwgrp read-write set loggrp read-write unset menu-file set mntgrp read-write set netgrp read-write set routegrp read-write set sysgrp read-write set updategrp read-write set utmgrp read-write set vpngrp read-write set wanoptgrp read-write set wifi read-write next end config system interface edit "port1" set vdom "root" set ip 1.1.1.1 255.255.255.252 set allowaccess ping https fgfm set type physical next edit "port2" set vdom "root" set ip 172.31.17.64 255.255.252.0 set allowaccess ping https ssh http telnet fgfm set type physical next edit "port3" set vdom "root" set allowaccess ping fgfm set type physical next edit "port4" set vdom "root" set allowaccess ping fgfm set type physical next edit "port5" set vdom "root" set allowaccess ping fgfm set type physical next edit "port6" set vdom "root" set allowaccess ping fgfm set type physical next edit "port7" set vdom "root" set allowaccess ping fgfm set type physical next edit "port8" set vdom "root" set allowaccess ping fgfm set type physical next edit "port9" set vdom "root" set allowaccess ping fgfm set type physical next edit "port10" set vdom "root" set allowaccess ping fgfm set type physical next edit "modem" set vdom "root" set mode pppoe set allowaccess fgfm set type physical next edit "ssl.root" set vdom "root" set type tunnel next edit "ssl.client" set vdom "client" set type tunnel next edit "ssl.server" set vdom "server" set type tunnel next edit "ssl.snat" set vdom "snat" set type tunnel next edit "ssl.traffic" set vdom "traffic" set type tunnel next edit "p1v84" set vdom "client" set ip 192.168.0.1 255.255.255.0 set allowaccess ping https ssh telnet set interface "port1" set vlanid 84 next edit "p3v84" set vdom "traffic" set ip 192.168.0.2 255.255.255.0 set allowaccess ping https ssh telnet set interface "port3" set vlanid 84 next edit "p3v87" set vdom "traffic" set ip 192.168.3.2 255.255.255.0 set allowaccess ping https ssh snmp http telnet set interface "port3" set vlanid 87 next edit "p1v87" set vdom "server" set ip 192.168.3.1 255.255.255.0 set allowaccess ping https ssh snmp http telnet set interface "port1" set vlanid 87 next edit "p3v85" set vdom "traffic" set ip 192.168.5.2 255.255.255.0 set allowaccess ping https ssh snmp http telnet set interface "port3" set vlanid 85 next edit "p1v85" set vdom "snat" set ip 192.168.5.1 255.255.255.0 set allowaccess ping https ssh snmp http telnet set interface "port1" set vlanid 85 next edit "p1v86" set vdom "snat" set ip 192.168.2.1 255.255.255.0 set allowaccess ping https ssh snmp http telnet set interface "port1" set vlanid 86 next edit "p3v86" set vdom "traffic" set ip 192.168.2.2 255.255.255.0 set allowaccess ping https ssh snmp http telnet set interface "port3" set vlanid 86 next end config system admin edit "admin" set accprofile "super_admin" set vdom "root" config dashboard-tabs edit 1 set name "Dashboard" next end config dashboard edit 1 set tab-id 1 set column 1 next end next end config system resource-limits set firewall-address 20000 end config system vdom-property edit "root" set description "property limits for vdom root" next edit "client" set description "property limits for vdom client" next edit "server" set description "property limits for vdom server" next edit "snat" set description "property limits for vdom snat" next edit "traffic" set description "property limits for vdom traffic" next end config system ha set group-id 0 set group-name "FGT-HA" set mode standalone set password ENC BCxIBL4vff9rwtrziNpDu+6QfjzG0fXGkaaRvnURiErWVhXPJXqSePe9MrsIfenCoYT67y8XJe+hYCyzyFGY7UpRTUxb6QGVLVMeWwC4nK310M82 set hbdev "port4" 50 "port3" 50 set route-ttl 10 set route-wait 0 set route-hold 10 set sync-config enable set encryption disable set authentication disable set hb-interval 2 set hb-lost-threshold 6 set helo-holddown 20 set arps 5 set arps-interval 8 set session-pickup disable set link-failed-signal disable set uninterruptable-upgrade enable set ha-eth-type "8890" set hc-eth-type "8891" set l2ep-eth-type "8893" set ha-uptime-diff-margin 300 set override disable set priority 128 set pingserver-failover-threshold 0 set pingserver-flip-timeout 60 end config system dns set primary 172.31.19.1 set secondary 65.39.139.63 set domain '' set ip6-primary :: set ip6-secondary :: set dns-cache-limit 5000 set dns-cache-ttl 1800 set cache-notfound-responses disable set source-ip 0.0.0.0 end config system replacemsg-image edit "logo_fnet" set image-base64 '' set image-type gif next edit "logo_fguard_wf" set image-base64 '' set image-type gif next edit "logo_fw_auth" set image-base64 '' set image-type png next edit "logo_v2_fnet" set image-base64 '' set image-type png next edit "logo_v2_fguard_wf" set image-base64 '' set image-type png next end config system replacemsg mail "email-block" set buffer "Potentially Dangerous Attachment Removed. The file \"%%FILE%%\" has been blocked. File quarantined as: \"%%QUARFILENAME%%\"." set header 8bit set format text end config system replacemsg mail "email-virus" set buffer "Dangerous Attachment has been Removed. The file \"%%FILE%%\" has been removed because of a virus. It was infected with the \"%%VIRUS%%\" virus. File quarantined as: \"%%QUARFILENAME%%\".%%VIRUS_REF_URL%%%%VIRUS_REF_URL%%" set header 8bit set format text end config system replacemsg mail "email-dlp" set buffer "This email has been blocked. The email message appeared to contain a data leak." set header 8bit set format text end config system replacemsg mail "email-dlp-subject" set buffer "Data leak detected!" set header 8bit set format text end config system replacemsg mail "email-dlp-ban" set buffer "This email has been blocked because a data leak was detected. Please contact your admin to be re-enabled." set header 8bit set format text end config system replacemsg mail "email-dlp-ban-sender" set buffer "This email has been blocked because the sender has sent a data leak. Please contact your admin to be re-enabled." set header 8bit set format text end config system replacemsg mail "email-filesize" set buffer "This email has been blocked. The email message is larger than the configured file size limit." set header 8bit set format text end config system replacemsg mail "partial" set buffer "Fragmented emails are blocked." set header 8bit set format text end config system replacemsg mail "smtp-block" set buffer "The file %%FILE%% has been blocked. File quarantined as: %%QUARFILENAME%%" set header none set format text end config system replacemsg mail "smtp-virus" set buffer "The file %%FILE%% has been infected with the virus %%VIRUS%% File quarantined as %%QUARFILENAME%%" set header none set format text end config system replacemsg mail "smtp-filesize" set buffer "This message is larger than the configured limit and has been blocked." set header none set format text end config system replacemsg http "bannedword" set buffer " The URL you requested has been blocked

The URL you requested has been blocked

The page you requested has been blocked because it contains a banned word.

URL = %%PROTOCOL%%%%URL%%
%%OVERRIDE%%

" set header http set format html end config system replacemsg http "url-block" set buffer " The URL you requested has been blocked

The URL you requested has been blocked

The page you have requested has been blocked, because the URL is banned.

URL = %%URL%%
%%OVERRIDE%%

" set header http set format html end config system replacemsg http "urlfilter-err" set buffer " Web Page Blocked

Web Page Blocked

%%URLFILTER_ERROR%%

Web filter service error: %%URLFILTER_ERROR_DETAIL%%

" set header http set format html end config system replacemsg http "infcache-block" set buffer " High Security Alert!!

High Security Alert!!

The URL you requested was previously found to be infected.

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-block" set buffer " High Security Alert!!

High Security Alert!!

You are not permitted to download the file \"%%FILE%%\"

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-virus" set buffer "

High security alert!!!

You are not permitted to download the file \"%%FILE%%\" because it is infected with the virus \"%%VIRUS%%\".

URL = http://%%URL%%

File quarantined as: %%QUARFILENAME%%.

%%VIRUS_REF_URL%%%%VIRUS_REF_URL%%" set header http set format html end config system replacemsg http "http-filesize" set buffer " Attention!!

Attention!!

The file \"%%FILE%%\" has been blocked. The file is larger than the configured file size limit.

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-dlp" set buffer " Attention!!

Attention!!

The transfer attempted appeared to contain a data leak!

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-dlp-ban" set buffer " Attention!!

Attention!!

Your user authentication or IP address has been banned due to a detected data leak.You need an admin to re-enable your computer.

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-archive-block" set buffer "

Attention!!!

The transfer contained an archive that has been blocked.

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-contenttypeblock" set buffer " Attention!!

Attention!!

Content-type not permitted

URL = %%PROTOCOL%%%%URL%%
%%OVERRIDE%%

" set header http set format html end config system replacemsg http "https-invalid-cert-block" set buffer "Untrusted Connection
%%FORTIGUARD_WF%%%%FORTINET%%
This Connection is Untrusted


A secure connection to %%HOSTNAME%% cannot be established.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site\'s identity can\'t be verified.
Site:%%HOSTNAME%%
Certificate CN:%%CN%%
Certificate Authority:%%AUTHORITY%%
Certificate Authority Validity:Not Before: %%START_VALID%%
Not After: %%END_VALID%%
" set header http set format html end config system replacemsg http "http-client-block" set buffer " Attention!!

Attention!!

You are not permitted to upload the file \"%%FILE%%\".

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-client-virus" set buffer "

High security alert!!!

You are not permitted to upload the file \"%%FILE%%\" because it is infected with the virus \"%%VIRUS%%\".

URL = http://%%URL%%

File quarantined as: %%QUARFILENAME%%.

%%VIRUS_REF_URL%%%%VIRUS_REF_URL%%" set header http set format html end config system replacemsg http "http-client-filesize" set buffer " Attention!!

Attention!!

You request has been blocked. The request is larger than the configured file size limit.

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-client-bannedword" set buffer " Attention!!

Attention!!

The page you uploaded has been blocked because it contains a banned word.

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg http "http-post-block" set buffer " Attention!!

Attention!!

HTTP POST action is not allowed for policy reasons.

" set header http set format html end config system replacemsg http "http-client-archive-block" set buffer "

High security alert!!!

You are not permitted to upload the file \"%%FILE%%\".

URL = %%PROTOCOL%%%%URL%%

" set header http set format html end config system replacemsg webproxy "deny" set buffer " Access Denied

Access Denied

The page you requested has been blocked by a firewall policy restriction.

" set header http set format html end config system replacemsg webproxy "user-limit" set buffer " Access Denined

Access Denined

The maximum web proxy user limit has been reached.

" set header http set format html end config system replacemsg webproxy "auth-challenge" set buffer " Firewall Authentication

Firewall Authentication

You must authenticate to use this service.

" set header http set format html end config system replacemsg webproxy "auth-login-fail" set buffer " Firewall Authentication

Firewall Authentication

Authentication Failed

" set header http set format html end config system replacemsg webproxy "auth-authorization-fail" set buffer " Firewall Authorization

Firewall Authorization

Authorization Failed

" set header http set format html end config system replacemsg webproxy "http-err" set buffer " %%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%

%%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%

The webserver for %%PROTOCOL%%%%URL%% reported that an error occurred while trying to access the website. Please click here to return to the previous page.

" set header http set format html end config system replacemsg ftp "ftp-dl-infected" set buffer "Transfer failed. The file %%FILE%% is infected with the virus %%VIRUS%%. File quarantined as %%QUARFILENAME%%." set header none set format text end config system replacemsg ftp "ftp-dl-blocked" set buffer "Transfer failed. You are not permitted to transfer the file \"%%FILE%%\"." set header none set format text end config system replacemsg ftp "ftp-dl-filesize" set buffer "File size limit exceeded." set header none set format text end config system replacemsg ftp "ftp-dl-dlp" set buffer "Transfer failed. Data leak detected \"%%FILE%%\"." set header none set format text end config system replacemsg ftp "ftp-dl-dlp-ban" set buffer "Transfer failed. You are banned from transmitting due to a detected data leak. Contact your admin to be re-enabled." set header none set format text end config system replacemsg ftp "ftp-explicit-banner" set buffer "Welcome to Fortigate FTP proxy" set header none set format text end config system replacemsg ftp "ftp-dl-archive-block" set buffer "Transfer failed. Archive \"%%FILE%%\" has been blocked." set header none set format text end config system replacemsg nntp "nntp-dl-infected" set buffer "Dangerous Attachment has been Removed. The file \"%%FILE%%\" has been removed because of a virus. It was infected with the \"%%VIRUS%%\" virus. File quarantined as: \"%%QUARFILENAME%%\"." set header none set format text end config system replacemsg nntp "nntp-dl-blocked" set buffer "The file %%FILE%% has been blocked. File quarantined as: %%QUARFILENAME%%" set header none set format text end config system replacemsg nntp "nntp-dl-filesize" set buffer "This article has been blocked. The article is larger than the configured file size limit." set header none set format text end config system replacemsg nntp "nntp-dlp" set buffer "This article has been blocked. It appears to contain a data leak." set header none set format text end config system replacemsg nntp "nntp-dlp-subject" set buffer "Data leak detected!" set header none set format text end config system replacemsg nntp "nntp-dlp-ban" set buffer "this article has been blocked. The user is banned for sending a data leak. Please contact your admin to be re-enabled." set header none set format text end config system replacemsg fortiguard-wf "ftgd-block" set buffer " Web Filter Violation

Powered By Fortinet

FortiGuard Web Filtering

blocked

Web Page Blocked!

You have tried to access a web page which is in violation of your internet usage policy.

URL: %%URL%%
Category: %%CATEGORY%%

%%OVERRIDE%%

To have the rating of this web page re-evaluated please click here.

" set header http set format html end config system replacemsg fortiguard-wf "http-err" set buffer " %%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%

Powered By Fortinet

FortiGuard Web Filtering

blocked

%%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%

The webserver for %%URL%% reported that an error occurred while trying to access the website.Please click here to return to the previous page.
" set header http set format html end config system replacemsg fortiguard-wf "ftgd-ovrd" set buffer " Web Filter Block Override

Powered By Fortinet

FortiGuard Web Filtering

authenticate

Web Filter Block Override

If you have been granted override creation privileges by your administrator, you can enter your username and password here to gain immediate access to the blocked web-page. If you do not have these privileges, please contact your administrator to gain access to the web-page.
%%OVRD_FORM%%
" set header http set format html end config system replacemsg fortiguard-wf "ftgd-quota" set buffer " Web Filter Quota Exceeded

Powered By Fortinet

FortiGuard Web Filtering

blocked

Web Page Blocked

Your daily quota for this category of webpage has expired, in accordance with your internet usage policy.

URL: %%URL%%
Category: %%CATEGORY%%

To have the rating of this web page re-evaluated please click here.

%%OVERRIDE%%

" set header http set format html end config system replacemsg fortiguard-wf "ftgd-warning" set buffer " Web Filter Block Override

Powered By Fortinet

FortiGuard Web Filtering

authenticate

Web Page Blocked!

You have tried to access a web page which is in violation of your internet usage policy.

URL: %%URL%%
Category: %%CATEGORY%%

To have the rating of this web page re-evaluated please click here.

 
" set header http set format html end config system replacemsg spam "ipblocklist" set buffer "Mail from this IP address is not allowed and has been blocked." set header none set format text end config system replacemsg spam "smtp-spam-dnsbl" set buffer "This message has been blocked because it is from a DNSBL/ORDBL IP address." set header none set format text end config system replacemsg spam "smtp-spam-feip" set buffer "This message has been blocked because it is from a FortiGuard - AntiSpam black IP address." set header none set format text end config system replacemsg spam "smtp-spam-helo" set buffer "This message has been blocked because the HELO/EHLO domain is invalid." set header none set format text end config system replacemsg spam "smtp-spam-emailblack" set buffer "Mail from this email address is not allowed and has been blocked." set header none set format text end config system replacemsg spam "smtp-spam-mimeheader" set buffer "This message has been blocked because it contains an invalid header." set header none set format text end config system replacemsg spam "reversedns" set buffer "This message has been blocked because the return email domain is invalid." set header none set format text end config system replacemsg spam "smtp-spam-bannedword" set buffer "This message has been blocked because it contains a banned word." set header none set format text end config system replacemsg spam "smtp-spam-ase" set buffer "This message has been blocked because ASE reports it as spam. " set header none set format text end config system replacemsg spam "submit" set buffer "If this email is not spam, click here to submit the signatures to FortiGuard - AntiSpam Service." set header none set format text end config system replacemsg im "im-file-xfer-block" set buffer "Transfer failed. You are not permitted to transfer the file \"%%FILE%%\"." set header none set format text end config system replacemsg im "im-file-xfer-name" set buffer "Transfer %%ACTION%%. The file name \"%%FILE%%\" matches the configured file name block list." set header none set format text end config system replacemsg im "im-file-xfer-infected" set buffer "Transfer %%ACTION%%. The file \"%%FILE%%\" is infected with the virus %%VIRUS%%. File quarantined as %%QUARFILENAME%%." set header none set format text end config system replacemsg im "im-file-xfer-size" set buffer "Transfer %%ACTION%%. The file \"%%FILE%%\" is larger than the configured limit." set header none set format text end config system replacemsg im "im-dlp" set buffer "Transfer %%ACTION%%. The file \"%%FILE%%\" contains a data leak." set header none set format text end config system replacemsg im "im-dlp-ban" set buffer "Transfer %%ACTION%%. The user is banned because of a detected data leak." set header none set format text end config system replacemsg im "im-voice-chat-block" set buffer "Connection failed. You are not permitted to use voice chat." set header none set format text end config system replacemsg im "im-video-chat-block" set buffer "Connection failed. You are not permitted to use video chat." set header none set format text end config system replacemsg im "im-photo-share-block" set buffer "Photo sharing failed. You are not permitted to share photo." set header none set format text end config system replacemsg im "im-long-chat-block" set buffer "Message blocked. The message is longer than the configured limit." set header none set format text end config system replacemsg alertmail "alertmail-virus" set buffer "Virus/Worm detected: %%VIRUS%% Protocol: %%PROTOCOL%% Source IP: %%SOURCE_IP%% Destination IP: %%DEST_IP%% Email Address From: %%EMAIL_FROM%% Email Address To: %%EMAIL_TO%% %%VIRUS_REF_URL%%%%VIRUS_REF_URL%%" set header none set format text end config system replacemsg alertmail "alertmail-block" set buffer "File Block Detected: %%FILE%% Protocol: %%PROTOCOL%% Source IP: %%SOURCE_IP%% Destination IP: %%DEST_IP%% Email Address From: %%EMAIL_FROM%% Email Address To: %%EMAIL_TO%% " set header none set format text end config system replacemsg alertmail "alertmail-nids-event" set buffer "The following intrusion was observed: %%NIDS_EVENT%%." set header none set format text end config system replacemsg alertmail "alertmail-crit-event" set buffer "The following critical firewall event was detected: %%CRITICAL_EVENT%%." set header none set format text end config system replacemsg alertmail "alertmail-disk-full" set buffer "The log disk is Full." set header none set format text end config system replacemsg admin "admin-disclaimer-text" set buffer "W A R N I N G W A R N I N G W A R N I N G W A R N I N G This is a private computer system. Unauthorized access or use is prohibited and subject to prosecution and/or disciplinary action. All use of this system constitutes consent to monitoring at all times and users are not entitled to any expectation of privacy. If monitoring reveals possible evidence of violation of criminal statutes, this evidence and any other related information, including identification information about the user, may be provided to law enforcement officials. If monitoring reveals violations of security regulations or unauthorized use, employees who violate security regulations or make unauthorized use of this system are subject to appropriate disciplinary action. W A R N I N G W A R N I N G W A R N I N G W A R N I N G " set header none set format text end config system replacemsg auth "auth-disclaimer-page-1" set buffer " Firewall Disclaimer

Terms and Disclaimer Agreement

You are about to access Internet content that is not under the control of the network access provider. The network access provider is therefore not responsible for any of these sites, their content or their privacy policies. The network access provider and its staff do not endorse nor make any representations about these sites, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any Internet content, you do this entirely at your own risk and you are responsible for ensuring that any accessed material does not infringe the laws governing, but not exhaustively covering, copyright, trademarks, pornography, or any other material which is slanderous, defamatory or might cause offence in any other way.

Do you agree to the above terms?

" set header http set format html end config system replacemsg auth "auth-disclaimer-page-2" set buffer '' set header http set format html end config system replacemsg auth "auth-disclaimer-page-3" set buffer '' set header http set format html end config system replacemsg auth "auth-reject-page" set buffer " Firewall Disclaimer Declined

Disclaimer Declined

Sorry, network access cannot be granted unless you agree to the disclaimer.

" set header http set format html end config system replacemsg auth "auth-login-page" set buffer " Firewall Authentication

Authentication Required

%%QUESTION%%


" set header http set format html end config system replacemsg auth "auth-login-failed-page" set buffer " Firewall Authentication

Authentication Failed

%%FAILED_MESSAGE%%


" set header http set format html end config system replacemsg auth "auth-success-msg" set buffer "Welcome to Fortinet Firewall Authentication is successful, please connect again" set header none set format text end config system replacemsg auth "auth-challenge-page" set buffer " Firewall Authentication

Authentication Required

%%QUESTION%%

" set header http set format html end config system replacemsg auth "auth-keepalive-page" set buffer " Firewall Authentication Keepalive Window

This browser window is used to keep your authentication session active.

Please leave it open in the background and open a new window to continue.

Authentication Refresh in %%TIMEOUT%% seconds

logout

%%QUOTA_TABLE%%

" set header http set format html end config system replacemsg auth "auth-fortitoken-page" set buffer " Firewall Authentication

FortiToken Code Required

%%QUESTION%%


" set header http set format html end config system replacemsg auth "auth-email-token-page" set buffer " Firewall Authentication

Email Token Code Required

%%QUESTION%%


" set header http set format html end config system replacemsg auth "auth-sms-token-page" set buffer " Firewall Authentication

SMS Token Code Required

%%QUESTION%%


" set header http set format html end config system replacemsg captive-portal-dflt "cpa-disclaimer-page-1" set buffer " Firewall Disclaimer

SSID \"%%CPAUTH_SSID%%\" Terms and Disclaimer Agreement

You are about to access Internet content that is not under the control of the network access provider. The network access provider is therefore not responsible for any of these sites, their content or their privacy policies. The network access provider and its staff do not endorse nor make any representations about these sites, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any Internet content, you do this entirely at your own risk and you are responsible for ensuring that any accessed material does not infringe the laws governing, but not exhaustively covering, copyright, trademarks, pornography, or any other material which is slanderous, defamatory or might cause offence in any other way.

Do you agree to the above terms?

" set header http set format html end config system replacemsg captive-portal-dflt "cpa-disclaimer-page-2" set buffer '' set header http set format html end config system replacemsg captive-portal-dflt "cpa-disclaimer-page-3" set buffer '' set header http set format html end config system replacemsg captive-portal-dflt "cpa-reject-page" set buffer " Firewall Disclaimer Declined

SSID \"%%CPAUTH_SSID%%\" Disclaimer Declined

Sorry, network access cannot be granted unless you agree to the disclaimer.

" set header http set format html end config system replacemsg captive-portal-dflt "cpa-login-page" set buffer "Firewall Authentication

Terms and Disclaimer Agreement

You are about to access Internet content that is not under the control of the network access provider. The network access provider is therefore not responsible for any of these sites, their content or their privacy policies. The network access provider and its staff do not endorse nor make any representations about these sites, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any Internet content, you do this entirely at your own risk and you are responsible for ensuring that any accessed material does not infringe the laws governing, but not exhaustively covering, copyright, trademarks, pornography, or any other material which is slanderous, defamatory or might cause offence in any other way.

Authentication for SSID: %%CPAUTH_SSID%%

Please enter your username and password to continue

" set header http set format html end config system replacemsg captive-portal-dflt "cpa-login-failed-page" set buffer "Firewall Authentication

Terms and Disclaimer Agreement

You are about to access Internet content that is not under the control of the network access provider. The network access provider is therefore not responsible for any of these sites, their content or their privacy policies. The network access provider and its staff do not endorse nor make any representations about these sites, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any Internet content, you do this entirely at your own risk and you are responsible for ensuring that any accessed material does not infringe the laws governing, but not exhaustively covering, copyright, trademarks, pornography, or any other material which is slanderous, defamatory or might cause offence in any other way.

Authentication for SSID: %%CPAUTH_SSID%%

Please enter your username and password to continue

" set header http set format html end config system replacemsg sslvpn "sslvpn-login" set buffer "login
%%SSL_LOGIN%%
%%SSL_HIDDEN%%
" set header http set format html end config system replacemsg sslvpn "sslvpn-limit" set buffer "Already Logged In
Already Logged In

You already have an open SSL VPN connection. Opening multiple connections is not permitted.

If you proceed, your other connection will be disconnected.

Please contact your administrator if you blevieve there is a problem.

%%SSL_LOGIN_ANYWAY%%%%SSL_LOGIN_CANCEL%%
" set header http set format html end config system replacemsg ec "endpt-download-portal" set buffer " Endpoint Security Required

Powered By Fortinet

FortiGate: Endpoint Control

blocked

Endpoint Security Required

The use of this security policy requires that the latest FortiClient Endpoint Security software and antivirus signature package are installed.

Installing FortiClient requires that you have administrator privileges on your computer. If you do not, please contact your network administrator to have FortiClient installed.

The installer may be downloaded using the following link:
%%LINK%%

Installation instructions:

FortiClient installation may take a few minutes. Thank you for your patience.

" set header http set format html end config system replacemsg ec "endpt-recommendation-portal" set buffer " Endpoint Security Required

Powered By Fortinet

FortiGate: Endpoint Control

blocked

Endpoint Security Required

The use of this security policy requires that the latest FortiClient Endpoint Security software and antivirus signature package are installed.

Installing FortiClient requires that you have administrator privileges on your computer. If you do not, please contact your network administrator to have FortiClient installed.

The installer may be downloaded using the following link:
%%LINK%%

Installation instructions:

FortiClient installation may take a few minutes. Thank you for your patience.

Continue to %%DST_ADDR_LABEL%%

" set header http set format html end config system replacemsg ec "endpt-block-portal" set buffer " Endpoint Security Required

Powered By Fortinet

FortiGate: Endpoint Control

blocked

Endpoint Security Required

The security policy requires the endpoint to be compliant in order to gain network access. Please check your FortiClient software for details.
" set header http set format html end config system replacemsg ec "endpt-rmd-block-portal" set buffer " Endpoint Security Recommended

Powered By Fortinet

FortiGate: Endpoint Control

blocked

Endpoint Security Recommended

The security policy recommends the endpoint to be compliant in order to gain network access. Please check your FortiClient software for details.
Continue to %%DST_ADDR_LABEL%%
" set header http set format html end config system replacemsg ec "endpt-ec-block-page" set buffer " Endpoint Security Required

Powered By Fortinet

FortiGate: Endpoint Control

blocked

Endpoint Security Required

FortiClient security check failed due to the following:
%%FEATURE_BLOCK_REASONS%%
" set header http set format html end config system replacemsg ec "endpt-rmd-ec-block-page" set buffer " Endpoint Security Recommended

Powered By Fortinet

FortiGate: Endpoint Control

blocked

Endpoint Security Recommended

FortiClient security check failed due to the following:
%%FEATURE_BLOCK_REASONS%%
Continue to %%DST_ADDR_LABEL%%
" set header http set format html end config system replacemsg nac-quar "nac-quar-virus" set buffer "Virus Quarantine
Blocked because of virus


A virus was detected, originating from your system. Please contact the system administrator.


" set header http set format html end config system replacemsg nac-quar "nac-quar-dos" set buffer "Attack Detected
Blocked because of DoS Attack


A DoS attack was detected, originating from your system. Please contact the system administrator.


" set header http set format html end config system replacemsg nac-quar "nac-quar-ips" set buffer "Attack Detected
Blocked because of IPS attack


An attack was detected, originating from your system. Please contact the system administrator.


" set header http set format html end config system replacemsg nac-quar "nac-quar-dlp" set buffer "Data Leak Detected
Blocked because of data leak


A data leak was detected, originating from your system. Please contact the system administrator.


" set header http set format html end config system replacemsg traffic-quota "per-ip-shaper-block" set buffer "Traffic Quota Control
Traffic blocked because of exceed session quota


Traffic blocked because of exceed per IP shaper session quota. Please contact the system administrator.
%%QUOTA_INFO%%


" set header http set format html end config vpn certificate ca end config vpn certificate local end config antivirus service "http" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "https" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "ftp" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "ftps" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "pop3" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "pop3s" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "imap" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "imaps" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "smtp" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "smtps" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "nntp" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config antivirus service "im" set scan-bzip2 disable set uncompnestlimit 12 set uncompsizelimit 10 end config system session-sync end config wireless-controller global set name '' set location '' set max-retransmit 3 set data-ethernet-II disable set discovery-mc-addr 224.0.1.140 set max-clients 0 set rogue-scan-mac-adjacency 7 end config gui console unset preferences end config system session-helper edit 1 set name pptp set port 1723 set protocol 6 next edit 2 set name h323 set port 1720 set protocol 6 next edit 3 set name ras set port 1719 set protocol 17 next edit 4 set name tns set port 1521 set protocol 6 next edit 5 set name tftp set port 69 set protocol 17 next edit 6 set name rtsp set port 554 set protocol 6 next edit 7 set name rtsp set port 7070 set protocol 6 next edit 8 set name ftp set port 21 set protocol 6 next edit 9 set name mms set port 1863 set protocol 6 next edit 10 set name pmap set port 111 set protocol 6 next edit 11 set name pmap set port 111 set protocol 17 next edit 12 set name sip set port 5060 set protocol 17 next edit 13 set name dns-udp set port 53 set protocol 17 next edit 14 set name rsh set port 514 set protocol 6 next edit 15 set name rsh set port 512 set protocol 6 next edit 16 set name dcerpc set port 135 set protocol 6 next edit 17 set name dcerpc set port 135 set protocol 17 next edit 18 set name mgcp set port 2427 set protocol 17 next edit 19 set name mgcp set port 2727 set protocol 17 next end config system auto-install set auto-install-config enable set auto-install-image enable set default-config-file "fgt_system.conf" set default-image-file "image.out" end config system ntp config ntpserver edit 1 set server "pool.ntp.org" next end set ntpsync disable set source-ip 0.0.0.0 set syncinterval 60 end end config vdom edit root config system replacemsg-group edit "default" set comment "default" next end config firewall address edit "all" next end config webfilter ftgd-local-cat edit "custom1" set id 140 next edit "custom2" set id 141 next end config ips sensor edit "all_default" set comment "all predefined signatures with default setting" config entries edit 1 next end next edit "all_default_pass" set comment "all predefined signatures with PASS action" config entries edit 2 set action pass next end next edit "protect_http_server" set comment "protect against HTTP server-side vulnerabilities" config entries edit 5 set location server set protocol HTTP next end next edit "protect_email_server" set comment "protect against EMail server-side vulnerabilities" config entries edit 4 set location server set protocol SMTP POP3 IMAP next end next edit "protect_client" set comment "protect against client-side vulnerabilities" config entries edit 3 set location client next end next edit "default" set comment "prevent critical attacks" config entries edit 1 set severity high critical next end next end config ips DoS edit "1" config anomaly edit "tcp_syn_flood" set status enable set threshold 2000 next edit "tcp_port_scan" set status enable set threshold 1000 next edit "tcp_src_session" set status enable set threshold 5000 next edit "tcp_dst_session" set status enable set threshold 5000 next edit "udp_flood" set status enable set threshold 2000 next edit "udp_scan" set status enable set threshold 2000 next edit "udp_src_session" set status enable set threshold 5000 next edit "udp_dst_session" set status enable set threshold 5000 next edit "icmp_flood" set status enable set threshold 50 next edit "icmp_sweep" set status enable set threshold 100 next edit "icmp_src_session" set status enable set threshold 300 next edit "icmp_dst_session" set status enable set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next edit "2" config anomaly edit "tcp_syn_flood" set status enable set action block set threshold 2000 next edit "tcp_port_scan" set threshold 1000 next edit "tcp_src_session" set threshold 5000 next edit "tcp_dst_session" set threshold 5000 next edit "udp_flood" set status enable set action block set threshold 2000 next edit "udp_scan" set threshold 2000 next edit "udp_src_session" set threshold 5000 next edit "udp_dst_session" set threshold 5000 next edit "icmp_flood" set status enable set action block set threshold 50 next edit "icmp_sweep" set threshold 100 next edit "icmp_src_session" set threshold 300 next edit "icmp_dst_session" set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next end config application list edit "default" set comment "monitor all applications" config entries edit 1 set action pass next end next end config dlp filepattern edit 1 config entries edit "*.bat" next edit "*.com" next edit "*.dll" next edit "*.doc" next edit "*.exe" next edit "*.gz" next edit "*.hta" next edit "*.ppt" next edit "*.rar" next edit "*.scr" next edit "*.tar" next edit "*.tgz" next edit "*.vb?" next edit "*.wps" next edit "*.xl?" next edit "*.zip" next edit "*.pif" next edit "*.cpl" next end set name "builtin-patterns" next end config dlp rule edit "All-HTTP" set protocol http set sub-protocol http-get http-post https-post https-get set field always next edit "All-Email" set protocol email set sub-protocol smtp pop3 imap smtps pop3s imaps set field always next edit "All-IMAP" set protocol email set sub-protocol imap set field always next edit "All-SMTP" set protocol email set sub-protocol smtp set field always next edit "All-POP3" set protocol email set sub-protocol pop3 set field always next edit "All-FTP" set protocol ftp set sub-protocol ftp-get ftp-put set field always next edit "All-IM" set protocol im set sub-protocol aim icq msn ym set field always next edit "All-AIM" set protocol im set sub-protocol aim set field always next edit "All-ICQ" set protocol im set sub-protocol icq set field always next edit "All-MSN" set protocol im set sub-protocol msn set field always next edit "All-YM" set protocol im set sub-protocol ym set field always next edit "All-NNTP" set protocol nntp set field always next edit "HTTP-Visa-Mastercard" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "HTTP-AmEx" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "HTTP-Canada-SIN" set protocol http set sub-protocol http-post set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "HTTP-US-SSN" set protocol http set sub-protocol http-post set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Email-Visa-Mastercard" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "Email-AmEx" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "Email-Canada-SIN" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "Email-US-SSN" set protocol email set sub-protocol smtp pop3 imap set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Large-FTP-Put" set protocol ftp set sub-protocol ftp-put set field transfer-size set value 5120 set operator greater-equal next edit "Large-Attachment" set protocol email set sub-protocol smtp pop3 imap set field attachment-size set value 5120 set operator greater-equal next edit "Large-HTTP-Post" set protocol http set sub-protocol http-post set field transfer-size set value 5120 set operator greater-equal next edit "Email-Not-Webex" set protocol email set sub-protocol smtp pop3 imap set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "HTTP-Post-Not-Webex" set protocol http set sub-protocol http-post set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "All-HTTPS" set protocol http set sub-protocol https-post https-get set field always next end config dlp compound edit "Email-SIN" set comment "Emails containing canadian SIN but are not WebEx invites" set protocol email set sub-protocol smtp pop3 imap set member "Email-Not-Webex" "Email-Canada-SIN" next edit "HTTP-Post-SIN" set comment "Posts containing canadian SIN but are not WebEx invites" set protocol http set sub-protocol http-post set member "HTTP-Canada-SIN" "HTTP-Post-Not-Webex" next end config dlp sensor edit "Content_Summary" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive summary-only next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive summary-only next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive summary-only next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive summary-only next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Content_Archive" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive enable next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive enable next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive enable next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive enable next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Large-File" config filter edit "Large-Attachment" set filter-type advanced-rule set rule-name "Large-Attachment" next edit "Large-FTP-Put" set filter-type advanced-rule set rule-name "Large-FTP-Put" next edit "Large-HTTP-Post" set filter-type advanced-rule set rule-name "Large-HTTP-Post" next end set dlp-log disable next edit "Credit-Card" config filter edit "Email-AmEx" set filter-type advanced-rule set rule-name "Email-AmEx" next edit "Email-Visa-Mastercard" set filter-type advanced-rule set rule-name "Email-Visa-Mastercard" next edit "HTTP-AmEx" set filter-type advanced-rule set rule-name "HTTP-AmEx" next edit "HTTP-Visa-Mastercard" set filter-type advanced-rule set rule-name "HTTP-Visa-Mastercard" next end set dlp-log disable next edit "SSN-Sensor" config filter edit "Email-US-SSN" set filter-type advanced-rule set rule-name "Email-US-SSN" next edit "HTTP-US-SSN" set filter-type advanced-rule set rule-name "HTTP-US-SSN" next end set dlp-log disable next edit "default" set comment "summary archive email and web traffics" next end config webfilter content end config webfilter urlfilter end config spamfilter bword end config spamfilter emailbwl end config spamfilter ipbwl end config spamfilter mheader end config spamfilter dnsbl end config spamfilter iptrust end config voip profile edit "default" next edit "strict" config sip set malformed-request-line discard set malformed-header-via discard set malformed-header-from discard set malformed-header-to discard set malformed-header-call-id discard set malformed-header-cseq discard set malformed-header-rack discard set malformed-header-rseq discard set malformed-header-contact discard set malformed-header-record-route discard set malformed-header-route discard set malformed-header-expires discard set malformed-header-content-type discard set malformed-header-content-length discard set malformed-header-max-forwards discard set malformed-header-allow discard set malformed-header-p-asserted-identity discard set malformed-header-sdp-v discard set malformed-header-sdp-o discard set malformed-header-sdp-s discard set malformed-header-sdp-i discard set malformed-header-sdp-c discard set malformed-header-sdp-b discard set malformed-header-sdp-z discard set malformed-header-sdp-k discard set malformed-header-sdp-a discard set malformed-header-sdp-t discard set malformed-header-sdp-r discard set malformed-header-sdp-m discard end next end config vpn ssl web host-check-software edit "FortiClient-AV" set guid "C86EC76D-5A4C-40E7-BD94-59358E544D81" next edit "FortiClient-FW" set guid "528CB157-D384-4593-AAAA-E42DFF111CED" set type fw next edit "FortiClient-AV-Vista-Win7" set guid "385618A6-2256-708E-3FB9-7E98B93F91F9" next edit "FortiClient-FW-Vista-Win7" set guid "006D9983-6839-71D6-14E6-D7AD47ECD682" set type fw next edit "AVG-Internet-Security-AV" set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF" next edit "AVG-Internet-Security-FW" set guid "8DECF618-9569-4340-B34A-D78D28969B66" set type fw next edit "AVG-Internet-Security-AV-Vista-Win7" set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82" next edit "AVG-Internet-Security-FW-Vista-Win7" set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9" set type fw next edit "CA-Anti-Virus" set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93" next edit "CA-Internet-Security-AV" set guid "6B98D35F-BB76-41C0-876B-A50645ED099A" next edit "CA-Internet-Security-FW" set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3" set type fw next edit "CA-Internet-Security-AV-Vista-Win7" set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F" next edit "CA-Internet-Security-FW-Vista-Win7" set guid "06D680B0-4024-4FAB-E710-E675E50F6324" set type fw next edit "CA-Personal-Firewall" set guid "14CB4B80-8E52-45EA-905E-67C1267B4160" set type fw next edit "F-Secure-Internet-Security-AV" set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15" next edit "F-Secure-Internet-Security-FW" set guid "D4747503-0346-49EB-9262-997542F79BF4" set type fw next edit "F-Secure-Internet-Security-AV-Vista-Win7" set guid "15414183-282E-D62C-CA37-EF24860A2F17" next edit "F-Secure-Internet-Security-FW-Vista-Win7" set guid "2D7AC0A6-6241-D774-E168-461178D9686C" set type fw next edit "Kaspersky-AV" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" next edit "Kaspersky-FW" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" set type fw next edit "Kaspersky-AV-Vista-Win7" set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE" next edit "Kaspersky-FW-Vista-Win7" set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5" set type fw next edit "McAfee-Internet-Security-Suite-AV" set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83" next edit "McAfee-Internet-Security-Suite-FW" set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8" set type fw next edit "McAfee-Internet-Security-Suite-AV-Vista-Win7" set guid "86355677-4064-3EA7-ABB3-1B136EB04637" next edit "McAfee-Internet-Security-Suite-FW-Vista-Win7" set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C" set type fw next edit "McAfee-Virus-Scan-Enterprise" set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0" next edit "Norton-360-2.0-AV" set guid "A5F1BC7C-EA33-4247-961C-0217208396C4" next edit "Norton-360-2.0-FW" set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3" set type fw next edit "Norton-360-3.0-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-360-3.0-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-Internet-Security-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Norton-Internet-Security-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Symantec-Endpoint-Protection-AV" set guid "FB06448E-52B8-493A-90F3-E43226D3305C" next edit "Symantec-Endpoint-Protection-FW" set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6" set type fw next edit "Symantec-Endpoint-Protection-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Symantec-Endpoint-Protection-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Panda-Antivirus+Firewall-2008-AV" set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A" next edit "Panda-Antivirus+Firewall-2008-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Panda-Internet-Security-AV" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" next edit "Panda-Internet-Security-2006~2007-FW" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" set type fw next edit "Panda-Internet-Security-2008~2009-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Sophos-Anti-Virus" set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD" next edit "Sophos-Enpoint-Secuirty-and-Control-FW" set guid "0786E95E-326A-4524-9691-41EF88FB52EA" set type fw next edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7" set guid "479CCF92-4960-B3E0-7373-BF453B467D2C" next edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7" set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57" set type fw next edit "Trend-Micro-AV" set guid "7D2296BC-32CC-4519-917E-52E652474AF5" next edit "Trend-Micro-FW" set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6" set type fw next edit "Trend-Micro-AV-Vista-Win7" set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50" next edit "Trend-Micro-FW-Vista-Win7" set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B" set type fw next edit "ZoneAlarm-AV" set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF" next edit "ZoneAlarm-FW" set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B" set type fw next edit "ZoneAlarm-AV-Vista-Win7" set guid "D61596DF-D219-341C-49B3-AD30538CBC5B" next edit "ZoneAlarm-FW-Vista-Win7" set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20" set type fw next end config user group edit "FSSO_Guest_Users" set group-type fsso-service next end config webfilter profile edit "strict" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "scan" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "web" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "unfiltered" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "default" set comment "default web filtering" config ftgd-wf unset options end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next end config webfilter override end config webfilter override-user end config webfilter ftgd-warning end config webfilter ftgd-local-rating end config antivirus profile edit "strict" config http set options scan quarantine end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "scan" config http set options scan quarantine end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "web" config http set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "default" set comment "scan and delete virus" config http set options scan end config https set options scan end config ftp set options scan end config imap set options scan end config imaps set options scan end config pop3 set options scan end config pop3s set options scan end config smtp set options scan end config smtps set options scan end config nntp set options scan end config im set options scan end next end config spamfilter profile edit "strict" set spam-log disable set options bannedword spamfsip spamfssubmit spamfschksum spamfsurl spamhelodns spamipbwl spamraddrdns spamrbl spamhdrcheck next edit "default" set comment "malware and phishing URL filtering" set spam-log disable next end config firewall service explicit-web edit "webproxy" next end config firewall service group edit "Windows AD" set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB" next edit "Exchange Server" set member "DCE-RPC" "DNS" "HTTPS" next edit "Exchange Server OWA" set member "DNS" "HTTPS" next edit "Outlook" set member "DCE-RPC" "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS" "HTTPS" next end config firewall schedule recurring edit "always" set day sunday monday tuesday wednesday thursday friday saturday next end config firewall profile-protocol-options edit "strict" config http set options oversize unset post-lang end config ftp set options oversize splice end config imap set options oversize end config pop3 set options oversize end config smtp set options oversize splice end config smtps set options splice end config nntp set options oversize end config im set options oversize end next edit "scan" config ftp set options splice end config smtp set options splice end config smtps set options splice end next edit "web" config ftp set options splice end config imap set options fragmail end config pop3 set options fragmail end config smtp set options fragmail splice end config smtps set options splice end next edit "unfiltered" config http set options no-content-summary unset post-lang end config https set options no-content-summary unset post-lang end config ftp set options no-content-summary end config imap set options fragmail no-content-summary end config pop3 set options fragmail no-content-summary end config smtp set options fragmail no-content-summary splice end config smtps set options splice end config nntp set options no-content-summary end next edit "default" set comment "all default services" config http set port 80 set options no-content-summary unset post-lang end config https set port 443 set options no-content-summary unset post-lang end config ftp set port 21 set options no-content-summary splice end config ftps set port 990 set options no-content-summary splice unset post-lang end config imap set port 143 set options fragmail no-content-summary end config imaps set port 993 set options fragmail no-content-summary end config pop3 set port 110 set options fragmail no-content-summary end config pop3s set port 995 set options fragmail no-content-summary end config smtp set port 25 set options fragmail no-content-summary splice end config smtps set port 465 set options fragmail no-content-summary splice end config nntp set port 119 set options no-content-summary splice end next end config firewall profile-group edit "strict" set av-profile "strict" set webfilter-profile "strict" set spamfilter-profile "strict" set profile-protocol-options "strict" next edit "scan" set av-profile "scan" set webfilter-profile "scan" set profile-protocol-options "scan" next edit "web" set av-profile "web" set webfilter-profile "web" set profile-protocol-options "web" next edit "unfiltered" set webfilter-profile "unfiltered" set profile-protocol-options "unfiltered" next end config firewall policy end config firewall local-in-policy end config firewall policy6 end config firewall local-in-policy6 end config firewall interface-policy end config firewall interface-policy6 end config firewall sniff-interface-policy end config firewall sniff-interface-policy6 end config wanopt rule end config imp2p policy set aim deny set icq deny set msn deny set yahoo deny end config router rip config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router ripng config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router static edit 1 set device "port2" set gateway 172.31.19.254 next end config router ospf config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router ospf6 config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router bgp config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "static" end config redistribute "isis" end config redistribute6 "connected" end config redistribute6 "rip" end config redistribute6 "ospf" end config redistribute6 "static" end config redistribute6 "isis" end end config router isis config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "static" end end config router multicast end end config vdom edit client config system replacemsg-group edit "default" set comment "default" next end config firewall address edit "all" next end config webfilter ftgd-local-cat edit "custom1" set id 140 next edit "custom2" set id 141 next end config ips sensor edit "all_default" set comment "all predefined signatures with default setting" config entries edit 1 next end next edit "all_default_pass" set comment "all predefined signatures with PASS action" config entries edit 2 set action pass next end next edit "protect_http_server" set comment "protect against HTTP server-side vulnerabilities" config entries edit 5 set location server set protocol HTTP next end next edit "protect_email_server" set comment "protect against EMail server-side vulnerabilities" config entries edit 4 set location server set protocol SMTP POP3 IMAP next end next edit "protect_client" set comment "protect against client-side vulnerabilities" config entries edit 3 set location client next end next edit "default" set comment "prevent critical attacks" config entries edit 1 set severity high critical next end next end config ips DoS edit "1" config anomaly edit "tcp_syn_flood" set status enable set threshold 2000 next edit "tcp_port_scan" set status enable set threshold 1000 next edit "tcp_src_session" set status enable set threshold 5000 next edit "tcp_dst_session" set status enable set threshold 5000 next edit "udp_flood" set status enable set threshold 2000 next edit "udp_scan" set status enable set threshold 2000 next edit "udp_src_session" set status enable set threshold 5000 next edit "udp_dst_session" set status enable set threshold 5000 next edit "icmp_flood" set status enable set threshold 50 next edit "icmp_sweep" set status enable set threshold 100 next edit "icmp_src_session" set status enable set threshold 300 next edit "icmp_dst_session" set status enable set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next edit "2" config anomaly edit "tcp_syn_flood" set status enable set action block set threshold 2000 next edit "tcp_port_scan" set threshold 1000 next edit "tcp_src_session" set threshold 5000 next edit "tcp_dst_session" set threshold 5000 next edit "udp_flood" set status enable set action block set threshold 2000 next edit "udp_scan" set threshold 2000 next edit "udp_src_session" set threshold 5000 next edit "udp_dst_session" set threshold 5000 next edit "icmp_flood" set status enable set action block set threshold 50 next edit "icmp_sweep" set threshold 100 next edit "icmp_src_session" set threshold 300 next edit "icmp_dst_session" set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next end config application list edit "default" set comment "monitor all applications" config entries edit 1 set action pass next end next end config dlp filepattern edit 1 config entries edit "*.bat" next edit "*.com" next edit "*.dll" next edit "*.doc" next edit "*.exe" next edit "*.gz" next edit "*.hta" next edit "*.ppt" next edit "*.rar" next edit "*.scr" next edit "*.tar" next edit "*.tgz" next edit "*.vb?" next edit "*.wps" next edit "*.xl?" next edit "*.zip" next edit "*.pif" next edit "*.cpl" next end set name "builtin-patterns" next end config dlp rule edit "All-HTTP" set protocol http set sub-protocol http-get http-post https-post https-get set field always next edit "All-Email" set protocol email set sub-protocol smtp pop3 imap smtps pop3s imaps set field always next edit "All-IMAP" set protocol email set sub-protocol imap set field always next edit "All-SMTP" set protocol email set sub-protocol smtp set field always next edit "All-POP3" set protocol email set sub-protocol pop3 set field always next edit "All-FTP" set protocol ftp set sub-protocol ftp-get ftp-put set field always next edit "All-IM" set protocol im set sub-protocol aim icq msn ym set field always next edit "All-AIM" set protocol im set sub-protocol aim set field always next edit "All-ICQ" set protocol im set sub-protocol icq set field always next edit "All-MSN" set protocol im set sub-protocol msn set field always next edit "All-YM" set protocol im set sub-protocol ym set field always next edit "All-NNTP" set protocol nntp set field always next edit "HTTP-Visa-Mastercard" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "HTTP-AmEx" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "HTTP-Canada-SIN" set protocol http set sub-protocol http-post set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "HTTP-US-SSN" set protocol http set sub-protocol http-post set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Email-Visa-Mastercard" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "Email-AmEx" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "Email-Canada-SIN" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "Email-US-SSN" set protocol email set sub-protocol smtp pop3 imap set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Large-FTP-Put" set protocol ftp set sub-protocol ftp-put set field transfer-size set value 5120 set operator greater-equal next edit "Large-Attachment" set protocol email set sub-protocol smtp pop3 imap set field attachment-size set value 5120 set operator greater-equal next edit "Large-HTTP-Post" set protocol http set sub-protocol http-post set field transfer-size set value 5120 set operator greater-equal next edit "Email-Not-Webex" set protocol email set sub-protocol smtp pop3 imap set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "HTTP-Post-Not-Webex" set protocol http set sub-protocol http-post set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "All-HTTPS" set protocol http set sub-protocol https-post https-get set field always next end config dlp compound edit "Email-SIN" set comment "Emails containing canadian SIN but are not WebEx invites" set protocol email set sub-protocol smtp pop3 imap set member "Email-Not-Webex" "Email-Canada-SIN" next edit "HTTP-Post-SIN" set comment "Posts containing canadian SIN but are not WebEx invites" set protocol http set sub-protocol http-post set member "HTTP-Canada-SIN" "HTTP-Post-Not-Webex" next end config dlp sensor edit "Content_Summary" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive summary-only next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive summary-only next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive summary-only next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive summary-only next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Content_Archive" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive enable next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive enable next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive enable next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive enable next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Large-File" config filter edit "Large-Attachment" set filter-type advanced-rule set rule-name "Large-Attachment" next edit "Large-FTP-Put" set filter-type advanced-rule set rule-name "Large-FTP-Put" next edit "Large-HTTP-Post" set filter-type advanced-rule set rule-name "Large-HTTP-Post" next end set dlp-log disable next edit "Credit-Card" config filter edit "Email-AmEx" set filter-type advanced-rule set rule-name "Email-AmEx" next edit "Email-Visa-Mastercard" set filter-type advanced-rule set rule-name "Email-Visa-Mastercard" next edit "HTTP-AmEx" set filter-type advanced-rule set rule-name "HTTP-AmEx" next edit "HTTP-Visa-Mastercard" set filter-type advanced-rule set rule-name "HTTP-Visa-Mastercard" next end set dlp-log disable next edit "SSN-Sensor" config filter edit "Email-US-SSN" set filter-type advanced-rule set rule-name "Email-US-SSN" next edit "HTTP-US-SSN" set filter-type advanced-rule set rule-name "HTTP-US-SSN" next end set dlp-log disable next edit "default" set comment "summary archive email and web traffics" next end config webfilter content end config webfilter urlfilter end config spamfilter bword end config spamfilter emailbwl end config spamfilter ipbwl end config spamfilter mheader end config spamfilter dnsbl end config spamfilter iptrust end config voip profile edit "default" next edit "strict" config sip set malformed-request-line discard set malformed-header-via discard set malformed-header-from discard set malformed-header-to discard set malformed-header-call-id discard set malformed-header-cseq discard set malformed-header-rack discard set malformed-header-rseq discard set malformed-header-contact discard set malformed-header-record-route discard set malformed-header-route discard set malformed-header-expires discard set malformed-header-content-type discard set malformed-header-content-length discard set malformed-header-max-forwards discard set malformed-header-allow discard set malformed-header-p-asserted-identity discard set malformed-header-sdp-v discard set malformed-header-sdp-o discard set malformed-header-sdp-s discard set malformed-header-sdp-i discard set malformed-header-sdp-c discard set malformed-header-sdp-b discard set malformed-header-sdp-z discard set malformed-header-sdp-k discard set malformed-header-sdp-a discard set malformed-header-sdp-t discard set malformed-header-sdp-r discard set malformed-header-sdp-m discard end next end config vpn ssl web host-check-software edit "FortiClient-AV" set guid "C86EC76D-5A4C-40E7-BD94-59358E544D81" next edit "FortiClient-FW" set guid "528CB157-D384-4593-AAAA-E42DFF111CED" set type fw next edit "FortiClient-AV-Vista-Win7" set guid "385618A6-2256-708E-3FB9-7E98B93F91F9" next edit "FortiClient-FW-Vista-Win7" set guid "006D9983-6839-71D6-14E6-D7AD47ECD682" set type fw next edit "AVG-Internet-Security-AV" set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF" next edit "AVG-Internet-Security-FW" set guid "8DECF618-9569-4340-B34A-D78D28969B66" set type fw next edit "AVG-Internet-Security-AV-Vista-Win7" set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82" next edit "AVG-Internet-Security-FW-Vista-Win7" set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9" set type fw next edit "CA-Anti-Virus" set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93" next edit "CA-Internet-Security-AV" set guid "6B98D35F-BB76-41C0-876B-A50645ED099A" next edit "CA-Internet-Security-FW" set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3" set type fw next edit "CA-Internet-Security-AV-Vista-Win7" set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F" next edit "CA-Internet-Security-FW-Vista-Win7" set guid "06D680B0-4024-4FAB-E710-E675E50F6324" set type fw next edit "CA-Personal-Firewall" set guid "14CB4B80-8E52-45EA-905E-67C1267B4160" set type fw next edit "F-Secure-Internet-Security-AV" set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15" next edit "F-Secure-Internet-Security-FW" set guid "D4747503-0346-49EB-9262-997542F79BF4" set type fw next edit "F-Secure-Internet-Security-AV-Vista-Win7" set guid "15414183-282E-D62C-CA37-EF24860A2F17" next edit "F-Secure-Internet-Security-FW-Vista-Win7" set guid "2D7AC0A6-6241-D774-E168-461178D9686C" set type fw next edit "Kaspersky-AV" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" next edit "Kaspersky-FW" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" set type fw next edit "Kaspersky-AV-Vista-Win7" set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE" next edit "Kaspersky-FW-Vista-Win7" set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5" set type fw next edit "McAfee-Internet-Security-Suite-AV" set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83" next edit "McAfee-Internet-Security-Suite-FW" set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8" set type fw next edit "McAfee-Internet-Security-Suite-AV-Vista-Win7" set guid "86355677-4064-3EA7-ABB3-1B136EB04637" next edit "McAfee-Internet-Security-Suite-FW-Vista-Win7" set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C" set type fw next edit "McAfee-Virus-Scan-Enterprise" set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0" next edit "Norton-360-2.0-AV" set guid "A5F1BC7C-EA33-4247-961C-0217208396C4" next edit "Norton-360-2.0-FW" set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3" set type fw next edit "Norton-360-3.0-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-360-3.0-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-Internet-Security-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Norton-Internet-Security-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Symantec-Endpoint-Protection-AV" set guid "FB06448E-52B8-493A-90F3-E43226D3305C" next edit "Symantec-Endpoint-Protection-FW" set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6" set type fw next edit "Symantec-Endpoint-Protection-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Symantec-Endpoint-Protection-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Panda-Antivirus+Firewall-2008-AV" set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A" next edit "Panda-Antivirus+Firewall-2008-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Panda-Internet-Security-AV" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" next edit "Panda-Internet-Security-2006~2007-FW" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" set type fw next edit "Panda-Internet-Security-2008~2009-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Sophos-Anti-Virus" set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD" next edit "Sophos-Enpoint-Secuirty-and-Control-FW" set guid "0786E95E-326A-4524-9691-41EF88FB52EA" set type fw next edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7" set guid "479CCF92-4960-B3E0-7373-BF453B467D2C" next edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7" set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57" set type fw next edit "Trend-Micro-AV" set guid "7D2296BC-32CC-4519-917E-52E652474AF5" next edit "Trend-Micro-FW" set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6" set type fw next edit "Trend-Micro-AV-Vista-Win7" set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50" next edit "Trend-Micro-FW-Vista-Win7" set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B" set type fw next edit "ZoneAlarm-AV" set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF" next edit "ZoneAlarm-FW" set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B" set type fw next edit "ZoneAlarm-AV-Vista-Win7" set guid "D61596DF-D219-341C-49B3-AD30538CBC5B" next edit "ZoneAlarm-FW-Vista-Win7" set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20" set type fw next end config user group edit "FSSO_Guest_Users" set group-type fsso-service next end config webfilter profile edit "strict" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "scan" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "web" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "unfiltered" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "default" set comment "default web filtering" config ftgd-wf unset options end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next end config webfilter override end config webfilter override-user end config webfilter ftgd-warning end config webfilter ftgd-local-rating end config antivirus profile edit "strict" config http set options scan end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "scan" config http set options scan quarantine end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "web" config http set options scan end config nac-quar end set av-virus-log disable set av-block-log disable next edit "default" set comment "scan and delete virus" config http set options scan end config https set options scan end config ftp set options scan end config imap set options scan end config imaps set options scan end config pop3 set options scan end config pop3s set options scan end config smtp set options scan end config smtps set options scan end config nntp set options scan end config im set options scan end next end config spamfilter profile edit "strict" set spam-log disable set options bannedword spamfsip spamfssubmit spamfschksum spamfsurl spamhelodns spamipbwl spamraddrdns spamrbl spamhdrcheck next edit "default" set comment "malware and phishing URL filtering" set spam-log disable next end config firewall service explicit-web edit "webproxy" next end config firewall service group edit "Windows AD" set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB" next edit "Exchange Server" set member "DCE-RPC" "DNS" "HTTPS" next edit "Exchange Server OWA" set member "DNS" "HTTPS" next edit "Outlook" set member "DCE-RPC" "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS" "HTTPS" next end config firewall schedule recurring edit "always" set day sunday monday tuesday wednesday thursday friday saturday next end config firewall profile-protocol-options edit "strict" config http set options oversize unset post-lang end config ftp set options oversize splice end config imap set options oversize end config pop3 set options oversize end config smtp set options oversize splice end config smtps set options splice end config nntp set options oversize end config im set options oversize end next edit "scan" config ftp set options splice end config smtp set options splice end config smtps set options splice end next edit "web" config ftp set options splice end config imap set options fragmail end config pop3 set options fragmail end config smtp set options fragmail splice end config smtps set options splice end next edit "unfiltered" config http set options no-content-summary unset post-lang end config https set options no-content-summary unset post-lang end config ftp set options no-content-summary end config imap set options fragmail no-content-summary end config pop3 set options fragmail no-content-summary end config smtp set options fragmail no-content-summary splice end config smtps set options splice end config nntp set options no-content-summary end next edit "default" set comment "all default services" config http set port 80 set options no-content-summary unset post-lang end config https set port 443 set options no-content-summary unset post-lang end config ftp set port 21 set options no-content-summary splice end config ftps set port 990 set options no-content-summary splice unset post-lang end config imap set port 143 set options fragmail no-content-summary end config imaps set port 993 set options fragmail no-content-summary end config pop3 set port 110 set options fragmail no-content-summary end config pop3s set port 995 set options fragmail no-content-summary end config smtp set port 25 set options fragmail no-content-summary splice end config smtps set port 465 set options fragmail no-content-summary splice end config nntp set port 119 set options no-content-summary splice end next end config firewall profile-group edit "strict" set av-profile "strict" set webfilter-profile "strict" set spamfilter-profile "strict" set ips-sensor "all_default" set profile-protocol-options "strict" next edit "scan" set av-profile "scan" set webfilter-profile "scan" set ips-sensor "all_default_pass" set profile-protocol-options "scan" next edit "web" set av-profile "web" set webfilter-profile "web" set profile-protocol-options "web" next edit "unfiltered" set webfilter-profile "unfiltered" set profile-protocol-options "unfiltered" next end config firewall policy end config firewall local-in-policy end config firewall policy6 end config firewall local-in-policy6 end config firewall interface-policy end config firewall interface-policy6 end config firewall sniff-interface-policy end config firewall sniff-interface-policy6 end config wanopt rule end config imp2p policy set aim deny set icq deny set msn deny set yahoo deny end config router rip config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router ripng config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router static edit 1 set device "p1v84" set gateway 192.168.0.2 next end config router ospf config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router ospf6 config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router bgp config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "static" end config redistribute "isis" end config redistribute6 "connected" end config redistribute6 "rip" end config redistribute6 "ospf" end config redistribute6 "static" end config redistribute6 "isis" end end config router isis config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "static" end end config router multicast end end config vdom edit server config system replacemsg-group edit "default" set comment "default" next end config firewall address edit "all" next end config webfilter ftgd-local-cat edit "custom1" set id 140 next edit "custom2" set id 141 next end config ips sensor edit "all_default" set comment "all predefined signatures with default setting" config entries edit 1 next end next edit "all_default_pass" set comment "all predefined signatures with PASS action" config entries edit 2 set action pass next end next edit "protect_http_server" set comment "protect against HTTP server-side vulnerabilities" config entries edit 5 set location server set protocol HTTP next end next edit "protect_email_server" set comment "protect against EMail server-side vulnerabilities" config entries edit 4 set location server set protocol SMTP POP3 IMAP next end next edit "protect_client" set comment "protect against client-side vulnerabilities" config entries edit 3 set location client next end next edit "default" set comment "prevent critical attacks" config entries edit 1 set severity high critical next end next end config ips DoS edit "1" config anomaly edit "tcp_syn_flood" set status enable set threshold 2000 next edit "tcp_port_scan" set status enable set threshold 1000 next edit "tcp_src_session" set status enable set threshold 5000 next edit "tcp_dst_session" set status enable set threshold 5000 next edit "udp_flood" set status enable set threshold 2000 next edit "udp_scan" set status enable set threshold 2000 next edit "udp_src_session" set status enable set threshold 5000 next edit "udp_dst_session" set status enable set threshold 5000 next edit "icmp_flood" set status enable set threshold 50 next edit "icmp_sweep" set status enable set threshold 100 next edit "icmp_src_session" set status enable set threshold 300 next edit "icmp_dst_session" set status enable set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next edit "2" config anomaly edit "tcp_syn_flood" set status enable set action block set threshold 2000 next edit "tcp_port_scan" set threshold 1000 next edit "tcp_src_session" set threshold 5000 next edit "tcp_dst_session" set threshold 5000 next edit "udp_flood" set status enable set action block set threshold 2000 next edit "udp_scan" set threshold 2000 next edit "udp_src_session" set threshold 5000 next edit "udp_dst_session" set threshold 5000 next edit "icmp_flood" set status enable set action block set threshold 50 next edit "icmp_sweep" set threshold 100 next edit "icmp_src_session" set threshold 300 next edit "icmp_dst_session" set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next end config application list edit "default" set comment "monitor all applications" config entries edit 1 set action pass next end next end config dlp filepattern edit 1 config entries edit "*.bat" next edit "*.com" next edit "*.dll" next edit "*.doc" next edit "*.exe" next edit "*.gz" next edit "*.hta" next edit "*.ppt" next edit "*.rar" next edit "*.scr" next edit "*.tar" next edit "*.tgz" next edit "*.vb?" next edit "*.wps" next edit "*.xl?" next edit "*.zip" next edit "*.pif" next edit "*.cpl" next end set name "builtin-patterns" next end config dlp rule edit "All-HTTP" set protocol http set sub-protocol http-get http-post https-post https-get set field always next edit "All-Email" set protocol email set sub-protocol smtp pop3 imap smtps pop3s imaps set field always next edit "All-IMAP" set protocol email set sub-protocol imap set field always next edit "All-SMTP" set protocol email set sub-protocol smtp set field always next edit "All-POP3" set protocol email set sub-protocol pop3 set field always next edit "All-FTP" set protocol ftp set sub-protocol ftp-get ftp-put set field always next edit "All-IM" set protocol im set sub-protocol aim icq msn ym set field always next edit "All-AIM" set protocol im set sub-protocol aim set field always next edit "All-ICQ" set protocol im set sub-protocol icq set field always next edit "All-MSN" set protocol im set sub-protocol msn set field always next edit "All-YM" set protocol im set sub-protocol ym set field always next edit "All-NNTP" set protocol nntp set field always next edit "HTTP-Visa-Mastercard" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "HTTP-AmEx" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "HTTP-Canada-SIN" set protocol http set sub-protocol http-post set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "HTTP-US-SSN" set protocol http set sub-protocol http-post set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Email-Visa-Mastercard" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "Email-AmEx" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "Email-Canada-SIN" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "Email-US-SSN" set protocol email set sub-protocol smtp pop3 imap set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Large-FTP-Put" set protocol ftp set sub-protocol ftp-put set field transfer-size set value 5120 set operator greater-equal next edit "Large-Attachment" set protocol email set sub-protocol smtp pop3 imap set field attachment-size set value 5120 set operator greater-equal next edit "Large-HTTP-Post" set protocol http set sub-protocol http-post set field transfer-size set value 5120 set operator greater-equal next edit "Email-Not-Webex" set protocol email set sub-protocol smtp pop3 imap set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "HTTP-Post-Not-Webex" set protocol http set sub-protocol http-post set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "All-HTTPS" set protocol http set sub-protocol https-post https-get set field always next end config dlp compound edit "Email-SIN" set comment "Emails containing canadian SIN but are not WebEx invites" set protocol email set sub-protocol smtp pop3 imap set member "Email-Not-Webex" "Email-Canada-SIN" next edit "HTTP-Post-SIN" set comment "Posts containing canadian SIN but are not WebEx invites" set protocol http set sub-protocol http-post set member "HTTP-Canada-SIN" "HTTP-Post-Not-Webex" next end config dlp sensor edit "Content_Summary" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive summary-only next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive summary-only next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive summary-only next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive summary-only next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Content_Archive" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive enable next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive enable next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive enable next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive enable next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Large-File" config filter edit "Large-Attachment" set filter-type advanced-rule set rule-name "Large-Attachment" next edit "Large-FTP-Put" set filter-type advanced-rule set rule-name "Large-FTP-Put" next edit "Large-HTTP-Post" set filter-type advanced-rule set rule-name "Large-HTTP-Post" next end set dlp-log disable next edit "Credit-Card" config filter edit "Email-AmEx" set filter-type advanced-rule set rule-name "Email-AmEx" next edit "Email-Visa-Mastercard" set filter-type advanced-rule set rule-name "Email-Visa-Mastercard" next edit "HTTP-AmEx" set filter-type advanced-rule set rule-name "HTTP-AmEx" next edit "HTTP-Visa-Mastercard" set filter-type advanced-rule set rule-name "HTTP-Visa-Mastercard" next end set dlp-log disable next edit "SSN-Sensor" config filter edit "Email-US-SSN" set filter-type advanced-rule set rule-name "Email-US-SSN" next edit "HTTP-US-SSN" set filter-type advanced-rule set rule-name "HTTP-US-SSN" next end set dlp-log disable next edit "default" set comment "summary archive email and web traffics" next end config webfilter content end config webfilter urlfilter end config spamfilter bword end config spamfilter emailbwl end config spamfilter ipbwl end config spamfilter mheader end config spamfilter dnsbl end config spamfilter iptrust end config voip profile edit "default" next edit "strict" config sip set malformed-request-line discard set malformed-header-via discard set malformed-header-from discard set malformed-header-to discard set malformed-header-call-id discard set malformed-header-cseq discard set malformed-header-rack discard set malformed-header-rseq discard set malformed-header-contact discard set malformed-header-record-route discard set malformed-header-route discard set malformed-header-expires discard set malformed-header-content-type discard set malformed-header-content-length discard set malformed-header-max-forwards discard set malformed-header-allow discard set malformed-header-p-asserted-identity discard set malformed-header-sdp-v discard set malformed-header-sdp-o discard set malformed-header-sdp-s discard set malformed-header-sdp-i discard set malformed-header-sdp-c discard set malformed-header-sdp-b discard set malformed-header-sdp-z discard set malformed-header-sdp-k discard set malformed-header-sdp-a discard set malformed-header-sdp-t discard set malformed-header-sdp-r discard set malformed-header-sdp-m discard end next end config vpn ssl web host-check-software edit "FortiClient-AV" set guid "C86EC76D-5A4C-40E7-BD94-59358E544D81" next edit "FortiClient-FW" set guid "528CB157-D384-4593-AAAA-E42DFF111CED" set type fw next edit "FortiClient-AV-Vista-Win7" set guid "385618A6-2256-708E-3FB9-7E98B93F91F9" next edit "FortiClient-FW-Vista-Win7" set guid "006D9983-6839-71D6-14E6-D7AD47ECD682" set type fw next edit "AVG-Internet-Security-AV" set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF" next edit "AVG-Internet-Security-FW" set guid "8DECF618-9569-4340-B34A-D78D28969B66" set type fw next edit "AVG-Internet-Security-AV-Vista-Win7" set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82" next edit "AVG-Internet-Security-FW-Vista-Win7" set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9" set type fw next edit "CA-Anti-Virus" set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93" next edit "CA-Internet-Security-AV" set guid "6B98D35F-BB76-41C0-876B-A50645ED099A" next edit "CA-Internet-Security-FW" set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3" set type fw next edit "CA-Internet-Security-AV-Vista-Win7" set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F" next edit "CA-Internet-Security-FW-Vista-Win7" set guid "06D680B0-4024-4FAB-E710-E675E50F6324" set type fw next edit "CA-Personal-Firewall" set guid "14CB4B80-8E52-45EA-905E-67C1267B4160" set type fw next edit "F-Secure-Internet-Security-AV" set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15" next edit "F-Secure-Internet-Security-FW" set guid "D4747503-0346-49EB-9262-997542F79BF4" set type fw next edit "F-Secure-Internet-Security-AV-Vista-Win7" set guid "15414183-282E-D62C-CA37-EF24860A2F17" next edit "F-Secure-Internet-Security-FW-Vista-Win7" set guid "2D7AC0A6-6241-D774-E168-461178D9686C" set type fw next edit "Kaspersky-AV" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" next edit "Kaspersky-FW" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" set type fw next edit "Kaspersky-AV-Vista-Win7" set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE" next edit "Kaspersky-FW-Vista-Win7" set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5" set type fw next edit "McAfee-Internet-Security-Suite-AV" set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83" next edit "McAfee-Internet-Security-Suite-FW" set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8" set type fw next edit "McAfee-Internet-Security-Suite-AV-Vista-Win7" set guid "86355677-4064-3EA7-ABB3-1B136EB04637" next edit "McAfee-Internet-Security-Suite-FW-Vista-Win7" set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C" set type fw next edit "McAfee-Virus-Scan-Enterprise" set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0" next edit "Norton-360-2.0-AV" set guid "A5F1BC7C-EA33-4247-961C-0217208396C4" next edit "Norton-360-2.0-FW" set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3" set type fw next edit "Norton-360-3.0-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-360-3.0-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-Internet-Security-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Norton-Internet-Security-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Symantec-Endpoint-Protection-AV" set guid "FB06448E-52B8-493A-90F3-E43226D3305C" next edit "Symantec-Endpoint-Protection-FW" set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6" set type fw next edit "Symantec-Endpoint-Protection-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Symantec-Endpoint-Protection-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Panda-Antivirus+Firewall-2008-AV" set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A" next edit "Panda-Antivirus+Firewall-2008-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Panda-Internet-Security-AV" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" next edit "Panda-Internet-Security-2006~2007-FW" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" set type fw next edit "Panda-Internet-Security-2008~2009-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Sophos-Anti-Virus" set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD" next edit "Sophos-Enpoint-Secuirty-and-Control-FW" set guid "0786E95E-326A-4524-9691-41EF88FB52EA" set type fw next edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7" set guid "479CCF92-4960-B3E0-7373-BF453B467D2C" next edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7" set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57" set type fw next edit "Trend-Micro-AV" set guid "7D2296BC-32CC-4519-917E-52E652474AF5" next edit "Trend-Micro-FW" set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6" set type fw next edit "Trend-Micro-AV-Vista-Win7" set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50" next edit "Trend-Micro-FW-Vista-Win7" set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B" set type fw next edit "ZoneAlarm-AV" set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF" next edit "ZoneAlarm-FW" set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B" set type fw next edit "ZoneAlarm-AV-Vista-Win7" set guid "D61596DF-D219-341C-49B3-AD30538CBC5B" next edit "ZoneAlarm-FW-Vista-Win7" set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20" set type fw next end config user group edit "FSSO_Guest_Users" set group-type fsso-service next end config webfilter profile edit "strict" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "scan" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "web" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "unfiltered" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "default" set comment "default web filtering" config ftgd-wf unset options end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next end config webfilter override end config webfilter override-user end config webfilter ftgd-warning end config webfilter ftgd-local-rating end config antivirus profile edit "strict" config http set options scan end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "scan" config http set options scan quarantine end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "web" config http set options scan end config nac-quar end set av-virus-log disable set av-block-log disable next edit "default" set comment "scan and delete virus" config http set options scan end config https set options scan end config ftp set options scan end config imap set options scan end config imaps set options scan end config pop3 set options scan end config pop3s set options scan end config smtp set options scan end config smtps set options scan end config nntp set options scan end config im set options scan end next end config spamfilter profile edit "strict" set spam-log disable set options bannedword spamfsip spamfssubmit spamfschksum spamfsurl spamhelodns spamipbwl spamraddrdns spamrbl spamhdrcheck next edit "default" set comment "malware and phishing URL filtering" set spam-log disable next end config firewall service explicit-web edit "webproxy" next end config firewall service group edit "Windows AD" set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB" next edit "Exchange Server" set member "DCE-RPC" "DNS" "HTTPS" next edit "Exchange Server OWA" set member "DNS" "HTTPS" next edit "Outlook" set member "DCE-RPC" "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS" "HTTPS" next end config firewall schedule recurring edit "always" set day sunday monday tuesday wednesday thursday friday saturday next end config firewall profile-protocol-options edit "strict" config http set options oversize unset post-lang end config ftp set options oversize splice end config imap set options oversize end config pop3 set options oversize end config smtp set options oversize splice end config smtps set options splice end config nntp set options oversize end config im set options oversize end next edit "scan" config ftp set options splice end config smtp set options splice end config smtps set options splice end next edit "web" config ftp set options splice end config imap set options fragmail end config pop3 set options fragmail end config smtp set options fragmail splice end config smtps set options splice end next edit "unfiltered" config http set options no-content-summary unset post-lang end config https set options no-content-summary unset post-lang end config ftp set options no-content-summary end config imap set options fragmail no-content-summary end config pop3 set options fragmail no-content-summary end config smtp set options fragmail no-content-summary splice end config smtps set options splice end config nntp set options no-content-summary end next edit "default" set comment "all default services" config http set port 80 set options no-content-summary unset post-lang end config https set port 443 set options no-content-summary unset post-lang end config ftp set port 21 set options no-content-summary splice end config ftps set port 990 set options no-content-summary splice unset post-lang end config imap set port 143 set options fragmail no-content-summary end config imaps set port 993 set options fragmail no-content-summary end config pop3 set port 110 set options fragmail no-content-summary end config pop3s set port 995 set options fragmail no-content-summary end config smtp set port 25 set options fragmail no-content-summary splice end config smtps set port 465 set options fragmail no-content-summary splice end config nntp set port 119 set options no-content-summary splice end next end config firewall profile-group edit "strict" set av-profile "strict" set webfilter-profile "strict" set spamfilter-profile "strict" set ips-sensor "all_default" set profile-protocol-options "strict" next edit "scan" set av-profile "scan" set webfilter-profile "scan" set ips-sensor "all_default_pass" set profile-protocol-options "scan" next edit "web" set av-profile "web" set webfilter-profile "web" set profile-protocol-options "web" next edit "unfiltered" set webfilter-profile "unfiltered" set profile-protocol-options "unfiltered" next end config firewall policy end config firewall local-in-policy end config firewall policy6 end config firewall local-in-policy6 end config firewall interface-policy end config firewall interface-policy6 end config firewall sniff-interface-policy end config firewall sniff-interface-policy6 end config wanopt rule end config imp2p policy set aim deny set icq deny set msn deny set yahoo deny end config router rip config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router ripng config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router static edit 1 set device "p1v87" set gateway 192.168.3.2 next end config router ospf config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router ospf6 config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router bgp config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "static" end config redistribute "isis" end config redistribute6 "connected" end config redistribute6 "rip" end config redistribute6 "ospf" end config redistribute6 "static" end config redistribute6 "isis" end end config router isis config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "static" end end config router multicast end end config vdom edit snat config system replacemsg-group edit "default" set comment "default" next end config firewall address edit "all" next end config webfilter ftgd-local-cat edit "custom1" set id 140 next edit "custom2" set id 141 next end config ips sensor edit "all_default" set comment "all predefined signatures with default setting" config entries edit 1 next end next edit "all_default_pass" set comment "all predefined signatures with PASS action" config entries edit 2 set action pass next end next edit "protect_http_server" set comment "protect against HTTP server-side vulnerabilities" config entries edit 5 set location server set protocol HTTP next end next edit "protect_email_server" set comment "protect against EMail server-side vulnerabilities" config entries edit 4 set location server set protocol SMTP POP3 IMAP next end next edit "protect_client" set comment "protect against client-side vulnerabilities" config entries edit 3 set location client next end next edit "default" set comment "prevent critical attacks" config entries edit 1 set severity high critical next end next end config ips DoS edit "1" config anomaly edit "tcp_syn_flood" set status enable set threshold 2000 next edit "tcp_port_scan" set status enable set threshold 1000 next edit "tcp_src_session" set status enable set threshold 5000 next edit "tcp_dst_session" set status enable set threshold 5000 next edit "udp_flood" set status enable set threshold 2000 next edit "udp_scan" set status enable set threshold 2000 next edit "udp_src_session" set status enable set threshold 5000 next edit "udp_dst_session" set status enable set threshold 5000 next edit "icmp_flood" set status enable set threshold 50 next edit "icmp_sweep" set status enable set threshold 100 next edit "icmp_src_session" set status enable set threshold 300 next edit "icmp_dst_session" set status enable set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next edit "2" config anomaly edit "tcp_syn_flood" set status enable set action block set threshold 2000 next edit "tcp_port_scan" set threshold 1000 next edit "tcp_src_session" set threshold 5000 next edit "tcp_dst_session" set threshold 5000 next edit "udp_flood" set status enable set action block set threshold 2000 next edit "udp_scan" set threshold 2000 next edit "udp_src_session" set threshold 5000 next edit "udp_dst_session" set threshold 5000 next edit "icmp_flood" set status enable set action block set threshold 50 next edit "icmp_sweep" set threshold 100 next edit "icmp_src_session" set threshold 300 next edit "icmp_dst_session" set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next end config application list edit "default" set comment "monitor all applications" config entries edit 1 set action pass next end next end config dlp filepattern edit 1 config entries edit "*.bat" next edit "*.com" next edit "*.dll" next edit "*.doc" next edit "*.exe" next edit "*.gz" next edit "*.hta" next edit "*.ppt" next edit "*.rar" next edit "*.scr" next edit "*.tar" next edit "*.tgz" next edit "*.vb?" next edit "*.wps" next edit "*.xl?" next edit "*.zip" next edit "*.pif" next edit "*.cpl" next end set name "builtin-patterns" next end config dlp rule edit "All-HTTP" set protocol http set sub-protocol http-get http-post https-post https-get set field always next edit "All-Email" set protocol email set sub-protocol smtp pop3 imap smtps pop3s imaps set field always next edit "All-IMAP" set protocol email set sub-protocol imap set field always next edit "All-SMTP" set protocol email set sub-protocol smtp set field always next edit "All-POP3" set protocol email set sub-protocol pop3 set field always next edit "All-FTP" set protocol ftp set sub-protocol ftp-get ftp-put set field always next edit "All-IM" set protocol im set sub-protocol aim icq msn ym set field always next edit "All-AIM" set protocol im set sub-protocol aim set field always next edit "All-ICQ" set protocol im set sub-protocol icq set field always next edit "All-MSN" set protocol im set sub-protocol msn set field always next edit "All-YM" set protocol im set sub-protocol ym set field always next edit "All-NNTP" set protocol nntp set field always next edit "HTTP-Visa-Mastercard" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "HTTP-AmEx" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "HTTP-Canada-SIN" set protocol http set sub-protocol http-post set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "HTTP-US-SSN" set protocol http set sub-protocol http-post set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Email-Visa-Mastercard" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "Email-AmEx" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "Email-Canada-SIN" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "Email-US-SSN" set protocol email set sub-protocol smtp pop3 imap set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Large-FTP-Put" set protocol ftp set sub-protocol ftp-put set field transfer-size set value 5120 set operator greater-equal next edit "Large-Attachment" set protocol email set sub-protocol smtp pop3 imap set field attachment-size set value 5120 set operator greater-equal next edit "Large-HTTP-Post" set protocol http set sub-protocol http-post set field transfer-size set value 5120 set operator greater-equal next edit "Email-Not-Webex" set protocol email set sub-protocol smtp pop3 imap set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "HTTP-Post-Not-Webex" set protocol http set sub-protocol http-post set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "All-HTTPS" set protocol http set sub-protocol https-post https-get set field always next end config dlp compound edit "Email-SIN" set comment "Emails containing canadian SIN but are not WebEx invites" set protocol email set sub-protocol smtp pop3 imap set member "Email-Not-Webex" "Email-Canada-SIN" next edit "HTTP-Post-SIN" set comment "Posts containing canadian SIN but are not WebEx invites" set protocol http set sub-protocol http-post set member "HTTP-Canada-SIN" "HTTP-Post-Not-Webex" next end config dlp sensor edit "Content_Summary" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive summary-only next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive summary-only next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive summary-only next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive summary-only next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Content_Archive" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive enable next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive enable next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive enable next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive enable next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Large-File" config filter edit "Large-Attachment" set filter-type advanced-rule set rule-name "Large-Attachment" next edit "Large-FTP-Put" set filter-type advanced-rule set rule-name "Large-FTP-Put" next edit "Large-HTTP-Post" set filter-type advanced-rule set rule-name "Large-HTTP-Post" next end set dlp-log disable next edit "Credit-Card" config filter edit "Email-AmEx" set filter-type advanced-rule set rule-name "Email-AmEx" next edit "Email-Visa-Mastercard" set filter-type advanced-rule set rule-name "Email-Visa-Mastercard" next edit "HTTP-AmEx" set filter-type advanced-rule set rule-name "HTTP-AmEx" next edit "HTTP-Visa-Mastercard" set filter-type advanced-rule set rule-name "HTTP-Visa-Mastercard" next end set dlp-log disable next edit "SSN-Sensor" config filter edit "Email-US-SSN" set filter-type advanced-rule set rule-name "Email-US-SSN" next edit "HTTP-US-SSN" set filter-type advanced-rule set rule-name "HTTP-US-SSN" next end set dlp-log disable next edit "default" set comment "summary archive email and web traffics" next end config webfilter content end config webfilter urlfilter end config spamfilter bword end config spamfilter emailbwl end config spamfilter ipbwl end config spamfilter mheader end config spamfilter dnsbl end config spamfilter iptrust end config voip profile edit "default" next edit "strict" config sip set malformed-request-line discard set malformed-header-via discard set malformed-header-from discard set malformed-header-to discard set malformed-header-call-id discard set malformed-header-cseq discard set malformed-header-rack discard set malformed-header-rseq discard set malformed-header-contact discard set malformed-header-record-route discard set malformed-header-route discard set malformed-header-expires discard set malformed-header-content-type discard set malformed-header-content-length discard set malformed-header-max-forwards discard set malformed-header-allow discard set malformed-header-p-asserted-identity discard set malformed-header-sdp-v discard set malformed-header-sdp-o discard set malformed-header-sdp-s discard set malformed-header-sdp-i discard set malformed-header-sdp-c discard set malformed-header-sdp-b discard set malformed-header-sdp-z discard set malformed-header-sdp-k discard set malformed-header-sdp-a discard set malformed-header-sdp-t discard set malformed-header-sdp-r discard set malformed-header-sdp-m discard end next end config vpn ssl web host-check-software edit "FortiClient-AV" set guid "C86EC76D-5A4C-40E7-BD94-59358E544D81" next edit "FortiClient-FW" set guid "528CB157-D384-4593-AAAA-E42DFF111CED" set type fw next edit "FortiClient-AV-Vista-Win7" set guid "385618A6-2256-708E-3FB9-7E98B93F91F9" next edit "FortiClient-FW-Vista-Win7" set guid "006D9983-6839-71D6-14E6-D7AD47ECD682" set type fw next edit "AVG-Internet-Security-AV" set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF" next edit "AVG-Internet-Security-FW" set guid "8DECF618-9569-4340-B34A-D78D28969B66" set type fw next edit "AVG-Internet-Security-AV-Vista-Win7" set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82" next edit "AVG-Internet-Security-FW-Vista-Win7" set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9" set type fw next edit "CA-Anti-Virus" set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93" next edit "CA-Internet-Security-AV" set guid "6B98D35F-BB76-41C0-876B-A50645ED099A" next edit "CA-Internet-Security-FW" set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3" set type fw next edit "CA-Internet-Security-AV-Vista-Win7" set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F" next edit "CA-Internet-Security-FW-Vista-Win7" set guid "06D680B0-4024-4FAB-E710-E675E50F6324" set type fw next edit "CA-Personal-Firewall" set guid "14CB4B80-8E52-45EA-905E-67C1267B4160" set type fw next edit "F-Secure-Internet-Security-AV" set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15" next edit "F-Secure-Internet-Security-FW" set guid "D4747503-0346-49EB-9262-997542F79BF4" set type fw next edit "F-Secure-Internet-Security-AV-Vista-Win7" set guid "15414183-282E-D62C-CA37-EF24860A2F17" next edit "F-Secure-Internet-Security-FW-Vista-Win7" set guid "2D7AC0A6-6241-D774-E168-461178D9686C" set type fw next edit "Kaspersky-AV" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" next edit "Kaspersky-FW" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" set type fw next edit "Kaspersky-AV-Vista-Win7" set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE" next edit "Kaspersky-FW-Vista-Win7" set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5" set type fw next edit "McAfee-Internet-Security-Suite-AV" set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83" next edit "McAfee-Internet-Security-Suite-FW" set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8" set type fw next edit "McAfee-Internet-Security-Suite-AV-Vista-Win7" set guid "86355677-4064-3EA7-ABB3-1B136EB04637" next edit "McAfee-Internet-Security-Suite-FW-Vista-Win7" set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C" set type fw next edit "McAfee-Virus-Scan-Enterprise" set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0" next edit "Norton-360-2.0-AV" set guid "A5F1BC7C-EA33-4247-961C-0217208396C4" next edit "Norton-360-2.0-FW" set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3" set type fw next edit "Norton-360-3.0-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-360-3.0-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-Internet-Security-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Norton-Internet-Security-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Symantec-Endpoint-Protection-AV" set guid "FB06448E-52B8-493A-90F3-E43226D3305C" next edit "Symantec-Endpoint-Protection-FW" set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6" set type fw next edit "Symantec-Endpoint-Protection-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Symantec-Endpoint-Protection-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Panda-Antivirus+Firewall-2008-AV" set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A" next edit "Panda-Antivirus+Firewall-2008-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Panda-Internet-Security-AV" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" next edit "Panda-Internet-Security-2006~2007-FW" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" set type fw next edit "Panda-Internet-Security-2008~2009-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Sophos-Anti-Virus" set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD" next edit "Sophos-Enpoint-Secuirty-and-Control-FW" set guid "0786E95E-326A-4524-9691-41EF88FB52EA" set type fw next edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7" set guid "479CCF92-4960-B3E0-7373-BF453B467D2C" next edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7" set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57" set type fw next edit "Trend-Micro-AV" set guid "7D2296BC-32CC-4519-917E-52E652474AF5" next edit "Trend-Micro-FW" set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6" set type fw next edit "Trend-Micro-AV-Vista-Win7" set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50" next edit "Trend-Micro-FW-Vista-Win7" set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B" set type fw next edit "ZoneAlarm-AV" set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF" next edit "ZoneAlarm-FW" set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B" set type fw next edit "ZoneAlarm-AV-Vista-Win7" set guid "D61596DF-D219-341C-49B3-AD30538CBC5B" next edit "ZoneAlarm-FW-Vista-Win7" set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20" set type fw next end config user group edit "FSSO_Guest_Users" set group-type fsso-service next end config webfilter profile edit "strict" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "scan" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "web" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "unfiltered" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "default" set comment "default web filtering" config ftgd-wf unset options end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next end config webfilter override end config webfilter override-user end config webfilter ftgd-warning end config webfilter ftgd-local-rating end config antivirus profile edit "strict" config http set options scan end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "scan" config http set options scan quarantine end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "web" config http set options scan end config nac-quar end set av-virus-log disable set av-block-log disable next edit "default" set comment "scan and delete virus" config http set options scan end config https set options scan end config ftp set options scan end config imap set options scan end config imaps set options scan end config pop3 set options scan end config pop3s set options scan end config smtp set options scan end config smtps set options scan end config nntp set options scan end config im set options scan end next end config spamfilter profile edit "strict" set spam-log disable set options bannedword spamfsip spamfssubmit spamfschksum spamfsurl spamhelodns spamipbwl spamraddrdns spamrbl spamhdrcheck next edit "default" set comment "malware and phishing URL filtering" set spam-log disable next end config firewall service explicit-web edit "webproxy" next end config firewall service group edit "Windows AD" set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB" next edit "Exchange Server" set member "DCE-RPC" "DNS" "HTTPS" next edit "Exchange Server OWA" set member "DNS" "HTTPS" next edit "Outlook" set member "DCE-RPC" "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS" "HTTPS" next end config firewall schedule recurring edit "always" set day sunday monday tuesday wednesday thursday friday saturday next end config firewall ippool edit "pool_192.168.4.0" set endip 192.168.4.10 set startip 192.168.4.1 next end config firewall profile-protocol-options edit "strict" config http set options oversize unset post-lang end config ftp set options oversize splice end config imap set options oversize end config pop3 set options oversize end config smtp set options oversize splice end config smtps set options splice end config nntp set options oversize end config im set options oversize end next edit "scan" config ftp set options splice end config smtp set options splice end config smtps set options splice end next edit "web" config ftp set options splice end config imap set options fragmail end config pop3 set options fragmail end config smtp set options fragmail splice end config smtps set options splice end next edit "unfiltered" config http set options no-content-summary unset post-lang end config https set options no-content-summary unset post-lang end config ftp set options no-content-summary end config imap set options fragmail no-content-summary end config pop3 set options fragmail no-content-summary end config smtp set options fragmail no-content-summary splice end config smtps set options splice end config nntp set options no-content-summary end next edit "default" set comment "all default services" config http set port 80 set options no-content-summary unset post-lang end config https set port 443 set options no-content-summary unset post-lang end config ftp set port 21 set options no-content-summary splice end config ftps set port 990 set options no-content-summary splice unset post-lang end config imap set port 143 set options fragmail no-content-summary end config imaps set port 993 set options fragmail no-content-summary end config pop3 set port 110 set options fragmail no-content-summary end config pop3s set port 995 set options fragmail no-content-summary end config smtp set port 25 set options fragmail no-content-summary splice end config smtps set port 465 set options fragmail no-content-summary splice end config nntp set port 119 set options no-content-summary splice end next end config firewall profile-group edit "strict" set av-profile "strict" set webfilter-profile "strict" set spamfilter-profile "strict" set ips-sensor "all_default" set profile-protocol-options "strict" next edit "scan" set av-profile "scan" set webfilter-profile "scan" set ips-sensor "all_default_pass" set profile-protocol-options "scan" next edit "web" set av-profile "web" set webfilter-profile "web" set profile-protocol-options "web" next edit "unfiltered" set webfilter-profile "unfiltered" set profile-protocol-options "unfiltered" next end config firewall policy edit 1 set srcintf "p1v85" set dstintf "p1v86" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "ANY" set nat enable set fixedport enable set ippool enable set poolname "pool_192.168.4.0" next end config firewall local-in-policy end config firewall policy6 end config firewall local-in-policy6 end config firewall interface-policy end config firewall interface-policy6 end config firewall sniff-interface-policy end config firewall sniff-interface-policy6 end config wanopt rule end config imp2p policy set aim deny set icq deny set msn deny set yahoo deny end config router rip config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router ripng config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router static edit 1 set device "p1v86" set gateway 192.168.2.2 next edit 2 set device "p1v85" set dst 192.168.0.0 255.255.255.0 set gateway 192.168.5.2 next end config router ospf config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router ospf6 config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router bgp config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "static" end config redistribute "isis" end config redistribute6 "connected" end config redistribute6 "rip" end config redistribute6 "ospf" end config redistribute6 "static" end config redistribute6 "isis" end end config router isis config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "static" end end config router multicast end end config vdom edit traffic config system replacemsg-group edit "default" set comment "default" next end config firewall address edit "all" next end config webfilter ftgd-local-cat edit "custom1" set id 140 next edit "custom2" set id 141 next end config ips sensor edit "all_default" set comment "all predefined signatures with default setting" config entries edit 1 next end next edit "all_default_pass" set comment "all predefined signatures with PASS action" config entries edit 2 set action pass next end next edit "protect_http_server" set comment "protect against HTTP server-side vulnerabilities" config entries edit 5 set location server set protocol HTTP next end next edit "protect_email_server" set comment "protect against EMail server-side vulnerabilities" config entries edit 4 set location server set protocol SMTP POP3 IMAP next end next edit "protect_client" set comment "protect against client-side vulnerabilities" config entries edit 3 set location client next end next edit "default" set comment "prevent critical attacks" config entries edit 1 set severity high critical next end next end config ips DoS edit "1" config anomaly edit "tcp_syn_flood" set status enable set threshold 2000 next edit "tcp_port_scan" set status enable set threshold 1000 next edit "tcp_src_session" set status enable set threshold 5000 next edit "tcp_dst_session" set status enable set threshold 5000 next edit "udp_flood" set status enable set threshold 2000 next edit "udp_scan" set status enable set threshold 2000 next edit "udp_src_session" set status enable set threshold 5000 next edit "udp_dst_session" set status enable set threshold 5000 next edit "icmp_flood" set status enable set threshold 50 next edit "icmp_sweep" set status enable set threshold 100 next edit "icmp_src_session" set status enable set threshold 300 next edit "icmp_dst_session" set status enable set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next edit "2" config anomaly edit "tcp_syn_flood" set status enable set action block set threshold 2000 next edit "tcp_port_scan" set threshold 1000 next edit "tcp_src_session" set threshold 5000 next edit "tcp_dst_session" set threshold 5000 next edit "udp_flood" set status enable set action block set threshold 2000 next edit "udp_scan" set threshold 2000 next edit "udp_src_session" set threshold 5000 next edit "udp_dst_session" set threshold 5000 next edit "icmp_flood" set status enable set action block set threshold 50 next edit "icmp_sweep" set threshold 100 next edit "icmp_src_session" set threshold 300 next edit "icmp_dst_session" set threshold 1000 next edit "ip_src_session" set threshold 5000 next edit "ip_dst_session" set threshold 5000 next end next end config application list edit "default" set comment "monitor all applications" config entries edit 1 set action pass next end next end config dlp filepattern edit 1 config entries edit "*.bat" next edit "*.com" next edit "*.dll" next edit "*.doc" next edit "*.exe" next edit "*.gz" next edit "*.hta" next edit "*.ppt" next edit "*.rar" next edit "*.scr" next edit "*.tar" next edit "*.tgz" next edit "*.vb?" next edit "*.wps" next edit "*.xl?" next edit "*.zip" next edit "*.pif" next edit "*.cpl" next end set name "builtin-patterns" next end config dlp rule edit "All-HTTP" set protocol http set sub-protocol http-get http-post https-post https-get set field always next edit "All-Email" set protocol email set sub-protocol smtp pop3 imap smtps pop3s imaps set field always next edit "All-IMAP" set protocol email set sub-protocol imap set field always next edit "All-SMTP" set protocol email set sub-protocol smtp set field always next edit "All-POP3" set protocol email set sub-protocol pop3 set field always next edit "All-FTP" set protocol ftp set sub-protocol ftp-get ftp-put set field always next edit "All-IM" set protocol im set sub-protocol aim icq msn ym set field always next edit "All-AIM" set protocol im set sub-protocol aim set field always next edit "All-ICQ" set protocol im set sub-protocol icq set field always next edit "All-MSN" set protocol im set sub-protocol msn set field always next edit "All-YM" set protocol im set sub-protocol ym set field always next edit "All-NNTP" set protocol nntp set field always next edit "HTTP-Visa-Mastercard" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "HTTP-AmEx" set protocol http set sub-protocol http-post set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "HTTP-Canada-SIN" set protocol http set sub-protocol http-post set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "HTTP-US-SSN" set protocol http set sub-protocol http-post set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Email-Visa-Mastercard" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)(4\\d|5[1-5])\\d{2}([ \\-]?)\\d{4}(\\3\\d{4}){2}(\\W|\\b)" next edit "Email-AmEx" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\W|\\b)3[47]\\d{2}([ \\-]?)\\d{6}\\2\\d{5}(\\W|\\b)" next edit "Email-Canada-SIN" set protocol email set sub-protocol smtp pop3 imap set regexp "(\\b|\\W)[1-79]\\d{2}([ \\-]?)\\d{3}\\2\\d{3}(\\b|\\W)" next edit "Email-US-SSN" set protocol email set sub-protocol smtp pop3 imap set regexp "\\b(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}(\\b|\\W)" next edit "Large-FTP-Put" set protocol ftp set sub-protocol ftp-put set field transfer-size set value 5120 set operator greater-equal next edit "Large-Attachment" set protocol email set sub-protocol smtp pop3 imap set field attachment-size set value 5120 set operator greater-equal next edit "Large-HTTP-Post" set protocol http set sub-protocol http-post set field transfer-size set value 5120 set operator greater-equal next edit "Email-Not-Webex" set protocol email set sub-protocol smtp pop3 imap set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "HTTP-Post-Not-Webex" set protocol http set sub-protocol http-post set regexp "WebEx" set regexp-negated enable set regexp-wildcard enable next edit "All-HTTPS" set protocol http set sub-protocol https-post https-get set field always next end config dlp compound edit "Email-SIN" set comment "Emails containing canadian SIN but are not WebEx invites" set protocol email set sub-protocol smtp pop3 imap set member "Email-Not-Webex" "Email-Canada-SIN" next edit "HTTP-Post-SIN" set comment "Posts containing canadian SIN but are not WebEx invites" set protocol http set sub-protocol http-post set member "HTTP-Canada-SIN" "HTTP-Post-Not-Webex" next end config dlp sensor edit "Content_Summary" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive summary-only next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive summary-only next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive summary-only next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive summary-only next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Content_Archive" config filter edit "All-FTP" set filter-type advanced-rule set rule-name "All-FTP" set archive enable next edit "All-Email" set filter-type advanced-rule set rule-name "All-Email" set archive enable next edit "All-HTTP" set filter-type advanced-rule set rule-name "All-HTTP" set archive enable next edit "All-IM" set filter-type advanced-rule set rule-name "All-IM" set archive enable next edit "All-NNTP" set filter-type advanced-rule set rule-name "All-NNTP" next end set dlp-log disable next edit "Large-File" config filter edit "Large-Attachment" set filter-type advanced-rule set rule-name "Large-Attachment" next edit "Large-FTP-Put" set filter-type advanced-rule set rule-name "Large-FTP-Put" next edit "Large-HTTP-Post" set filter-type advanced-rule set rule-name "Large-HTTP-Post" next end set dlp-log disable next edit "Credit-Card" config filter edit "Email-AmEx" set filter-type advanced-rule set rule-name "Email-AmEx" next edit "Email-Visa-Mastercard" set filter-type advanced-rule set rule-name "Email-Visa-Mastercard" next edit "HTTP-AmEx" set filter-type advanced-rule set rule-name "HTTP-AmEx" next edit "HTTP-Visa-Mastercard" set filter-type advanced-rule set rule-name "HTTP-Visa-Mastercard" next end set dlp-log disable next edit "SSN-Sensor" config filter edit "Email-US-SSN" set filter-type advanced-rule set rule-name "Email-US-SSN" next edit "HTTP-US-SSN" set filter-type advanced-rule set rule-name "HTTP-US-SSN" next end set dlp-log disable next edit "default" set comment "summary archive email and web traffics" next end config webfilter content end config webfilter urlfilter end config spamfilter bword end config spamfilter emailbwl end config spamfilter ipbwl end config spamfilter mheader end config spamfilter dnsbl end config spamfilter iptrust end config voip profile edit "default" next edit "strict" config sip set malformed-request-line discard set malformed-header-via discard set malformed-header-from discard set malformed-header-to discard set malformed-header-call-id discard set malformed-header-cseq discard set malformed-header-rack discard set malformed-header-rseq discard set malformed-header-contact discard set malformed-header-record-route discard set malformed-header-route discard set malformed-header-expires discard set malformed-header-content-type discard set malformed-header-content-length discard set malformed-header-max-forwards discard set malformed-header-allow discard set malformed-header-p-asserted-identity discard set malformed-header-sdp-v discard set malformed-header-sdp-o discard set malformed-header-sdp-s discard set malformed-header-sdp-i discard set malformed-header-sdp-c discard set malformed-header-sdp-b discard set malformed-header-sdp-z discard set malformed-header-sdp-k discard set malformed-header-sdp-a discard set malformed-header-sdp-t discard set malformed-header-sdp-r discard set malformed-header-sdp-m discard end next end config vpn ssl web host-check-software edit "FortiClient-AV" set guid "C86EC76D-5A4C-40E7-BD94-59358E544D81" next edit "FortiClient-FW" set guid "528CB157-D384-4593-AAAA-E42DFF111CED" set type fw next edit "FortiClient-AV-Vista-Win7" set guid "385618A6-2256-708E-3FB9-7E98B93F91F9" next edit "FortiClient-FW-Vista-Win7" set guid "006D9983-6839-71D6-14E6-D7AD47ECD682" set type fw next edit "AVG-Internet-Security-AV" set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF" next edit "AVG-Internet-Security-FW" set guid "8DECF618-9569-4340-B34A-D78D28969B66" set type fw next edit "AVG-Internet-Security-AV-Vista-Win7" set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82" next edit "AVG-Internet-Security-FW-Vista-Win7" set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9" set type fw next edit "CA-Anti-Virus" set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93" next edit "CA-Internet-Security-AV" set guid "6B98D35F-BB76-41C0-876B-A50645ED099A" next edit "CA-Internet-Security-FW" set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3" set type fw next edit "CA-Internet-Security-AV-Vista-Win7" set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F" next edit "CA-Internet-Security-FW-Vista-Win7" set guid "06D680B0-4024-4FAB-E710-E675E50F6324" set type fw next edit "CA-Personal-Firewall" set guid "14CB4B80-8E52-45EA-905E-67C1267B4160" set type fw next edit "F-Secure-Internet-Security-AV" set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15" next edit "F-Secure-Internet-Security-FW" set guid "D4747503-0346-49EB-9262-997542F79BF4" set type fw next edit "F-Secure-Internet-Security-AV-Vista-Win7" set guid "15414183-282E-D62C-CA37-EF24860A2F17" next edit "F-Secure-Internet-Security-FW-Vista-Win7" set guid "2D7AC0A6-6241-D774-E168-461178D9686C" set type fw next edit "Kaspersky-AV" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" next edit "Kaspersky-FW" set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0" set type fw next edit "Kaspersky-AV-Vista-Win7" set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE" next edit "Kaspersky-FW-Vista-Win7" set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5" set type fw next edit "McAfee-Internet-Security-Suite-AV" set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83" next edit "McAfee-Internet-Security-Suite-FW" set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8" set type fw next edit "McAfee-Internet-Security-Suite-AV-Vista-Win7" set guid "86355677-4064-3EA7-ABB3-1B136EB04637" next edit "McAfee-Internet-Security-Suite-FW-Vista-Win7" set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C" set type fw next edit "McAfee-Virus-Scan-Enterprise" set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0" next edit "Norton-360-2.0-AV" set guid "A5F1BC7C-EA33-4247-961C-0217208396C4" next edit "Norton-360-2.0-FW" set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3" set type fw next edit "Norton-360-3.0-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-360-3.0-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV" set guid "E10A9785-9598-4754-B552-92431C1C35F8" next edit "Norton-Internet-Security-FW" set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220" set type fw next edit "Norton-Internet-Security-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Norton-Internet-Security-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Symantec-Endpoint-Protection-AV" set guid "FB06448E-52B8-493A-90F3-E43226D3305C" next edit "Symantec-Endpoint-Protection-FW" set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6" set type fw next edit "Symantec-Endpoint-Protection-AV-Vista-Win7" set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855" next edit "Symantec-Endpoint-Protection-FW-Vista-Win7" set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E" set type fw next edit "Panda-Antivirus+Firewall-2008-AV" set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A" next edit "Panda-Antivirus+Firewall-2008-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Panda-Internet-Security-AV" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" next edit "Panda-Internet-Security-2006~2007-FW" set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0" set type fw next edit "Panda-Internet-Security-2008~2009-FW" set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8" set type fw next edit "Sophos-Anti-Virus" set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD" next edit "Sophos-Enpoint-Secuirty-and-Control-FW" set guid "0786E95E-326A-4524-9691-41EF88FB52EA" set type fw next edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7" set guid "479CCF92-4960-B3E0-7373-BF453B467D2C" next edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7" set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57" set type fw next edit "Trend-Micro-AV" set guid "7D2296BC-32CC-4519-917E-52E652474AF5" next edit "Trend-Micro-FW" set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6" set type fw next edit "Trend-Micro-AV-Vista-Win7" set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50" next edit "Trend-Micro-FW-Vista-Win7" set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B" set type fw next edit "ZoneAlarm-AV" set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF" next edit "ZoneAlarm-FW" set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B" set type fw next edit "ZoneAlarm-AV-Vista-Win7" set guid "D61596DF-D219-341C-49B3-AD30538CBC5B" next edit "ZoneAlarm-FW-Vista-Win7" set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20" set type fw next end config user group edit "FSSO_Guest_Users" set group-type fsso-service next end config webfilter profile edit "strict" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "scan" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "web" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "unfiltered" config ftgd-wf set options strict-blocking end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next edit "default" set comment "default web filtering" config ftgd-wf unset options end set web-content-log disable set web-filter-activex disable set web-filter-cookie-log disable set web-filter-applet-log disable set web-filter-jscript-log disable set web-filter-js-log disable set web-filter-vbs-log disable set web-filter-unknown-log disable set web-filter-referer-log disable set web-filter-cookie-removal-log disable set web-url-log disable set web-invalid-domain-log disable set web-ftgd-err-log disable set web-ftgd-quota-usage disable next end config webfilter override end config webfilter override-user end config webfilter ftgd-warning end config webfilter ftgd-local-rating end config antivirus profile edit "strict" config http set options scan end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "scan" config http set options scan quarantine end config ftp set options scan quarantine end config imap set options scan quarantine end config pop3 set options scan quarantine end config smtp set options scan quarantine end config nntp set options scan quarantine end config im set options scan quarantine end config nac-quar end set av-virus-log disable set av-block-log disable next edit "web" config http set options scan end config nac-quar end set av-virus-log disable set av-block-log disable next edit "default" set comment "scan and delete virus" config http set options scan end config https set options scan end config ftp set options scan end config imap set options scan end config imaps set options scan end config pop3 set options scan end config pop3s set options scan end config smtp set options scan end config smtps set options scan end config nntp set options scan end config im set options scan end next end config spamfilter profile edit "strict" set spam-log disable set options bannedword spamfsip spamfssubmit spamfschksum spamfsurl spamhelodns spamipbwl spamraddrdns spamrbl spamhdrcheck next edit "default" set comment "malware and phishing URL filtering" set spam-log disable next end config firewall service explicit-web edit "webproxy" next end config firewall service group edit "Windows AD" set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB" next edit "Exchange Server" set member "DCE-RPC" "DNS" "HTTPS" next edit "Exchange Server OWA" set member "DNS" "HTTPS" next edit "Outlook" set member "DCE-RPC" "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS" "HTTPS" next end config firewall schedule recurring edit "always" set day sunday monday tuesday wednesday thursday friday saturday next end config firewall profile-protocol-options edit "strict" config http set options oversize unset post-lang end config ftp set options oversize splice end config imap set options oversize end config pop3 set options oversize end config smtp set options oversize splice end config smtps set options splice end config nntp set options oversize end config im set options oversize end next edit "scan" config ftp set options splice end config smtp set options splice end config smtps set options splice end next edit "web" config ftp set options splice end config imap set options fragmail end config pop3 set options fragmail end config smtp set options fragmail splice end config smtps set options splice end next edit "unfiltered" config http set options no-content-summary unset post-lang end config https set options no-content-summary unset post-lang end config ftp set options no-content-summary end config imap set options fragmail no-content-summary end config pop3 set options fragmail no-content-summary end config smtp set options fragmail no-content-summary splice end config smtps set options splice end config nntp set options no-content-summary end next edit "default" set comment "all default services" config http set port 80 set options no-content-summary unset post-lang end config https set port 443 set options no-content-summary unset post-lang end config ftp set port 21 set options no-content-summary splice end config ftps set port 990 set options no-content-summary splice unset post-lang end config imap set port 143 set options fragmail no-content-summary end config imaps set port 993 set options fragmail no-content-summary end config pop3 set port 110 set options fragmail no-content-summary end config pop3s set port 995 set options fragmail no-content-summary end config smtp set port 25 set options fragmail no-content-summary splice end config smtps set port 465 set options fragmail no-content-summary splice end config nntp set port 119 set options no-content-summary splice end next end config firewall profile-group edit "strict" set av-profile "strict" set webfilter-profile "strict" set spamfilter-profile "strict" set ips-sensor "all_default" set profile-protocol-options "strict" next edit "scan" set av-profile "scan" set webfilter-profile "scan" set ips-sensor "all_default_pass" set profile-protocol-options "scan" next edit "web" set av-profile "web" set webfilter-profile "web" set profile-protocol-options "web" next edit "unfiltered" set webfilter-profile "unfiltered" set profile-protocol-options "unfiltered" next end config firewall policy edit 1 set srcintf "p3v84" set dstintf "p3v85" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "ANY" next edit 2 set srcintf "p3v86" set dstintf "p3v87" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "ANY" next end config firewall local-in-policy end config firewall policy6 end config firewall local-in-policy6 end config firewall interface-policy end config firewall interface-policy6 end config firewall sniff-interface-policy end config firewall sniff-interface-policy6 end config wanopt rule end config imp2p policy set aim deny set icq deny set msn deny set yahoo deny end config router rip config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router ripng config redistribute "connected" end config redistribute "static" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "isis" end end config router static edit 3 set device "p3v86" set dst 192.168.0.0 255.255.0.0 set gateway 192.168.2.1 next edit 2 set device "p3v84" set dst 192.168.4.0 255.255.255.0 set gateway 192.168.0.1 next end config router policy edit 1 set input-device "p3v84" set dst 192.168.3.1 255.255.255.255 set gateway 192.168.5.1 set output-device "p3v85" next end config router ospf config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router ospf6 config redistribute "connected" end config redistribute "static" end config redistribute "rip" end config redistribute "bgp" end config redistribute "isis" end end config router bgp config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "static" end config redistribute "isis" end config redistribute6 "connected" end config redistribute6 "rip" end config redistribute6 "ospf" end config redistribute6 "static" end config redistribute6 "isis" end end config router isis config redistribute "connected" end config redistribute "rip" end config redistribute "ospf" end config redistribute "bgp" end config redistribute "static" end end config router multicast end end