Profiles

Selecting a profile

These application profiles contain the configuration of the protocol scan, which is capable of raising alarms. An inspection profile is made up of a set of application profiles per protocol. By default, the inspection profile IPS_00 contains the application profiles protocole_00, and so on. These are the inspection profiles that will be applied in the filter policy.

For information, in factory configuration the inspection profile IPS_00 is intended for internal interfaces, applied to incoming traffic. The profile meant for public interfaces applied to outgoing traffic is the profile IPS_01.

The drop-down list offers 10 profiles, numbered from 00 to 09.

Each profile has by default the name of the protocol, accompanied by its number.

Examples:

  • http_00
  • (1) http_01…

Buttons

Edit

This function allows performing 3 operations on profiles:

 

  • Rename: by clicking on this option, a window comprising two fields will appear. It will allow you to modify the name and add comments. Once the operation has been performed, click on “Update”. This operation can also be cancelled.
  • Reinitialize: allows resetting the profile to its initial configuration, thereby deleting all changes made to the profile.
  • Copy to: This option allows copying a profile to another, with all the information from the copied profile transmitted to the receiving profile. It will also have the same name.
Last modification

This icon allows finding out the exact date and time of the last modification. If the selected profile has comments, they will be displayed in the tooltip.

Go to global configuration

This option contains the list of default TCP ports. This option is accessible in each protocol except: IP, ICMP, RTP, RTCP.

 

You can Add or Delete ports by clicking on the respective buttons.

 

Please refer to the following section to find out which settings are offered in the global configuration.

NOTE

The global configuration of SSL and TCP/UDP protocols is carried out differently. They are described in a sub-section under the section Global protocol configuration.