Security profiles

Kaspersky NGFW can security engines to scan and analyze the contents of network traffic passing through it. Security engines are implemented as security profiles, in which you can configure traffic scanning and analysis. Security profiles are applied to traffic when a security rule is triggered.

The following security engines are available for Kaspersky NGFW:

• Web Control for managing user access to websites based on categories.
• DNS Security for scanning DNS traffic and detect malicious and phishing domains.
• Anti-Virus for scanning traffic for viruses.
• IDPS (Intrusion Detection and Prevention System) for detecting and preventing attacks or threats in traffic based on a rule/signature database.

Applying security profiles to traffic scanning involves the following steps:

1. Creating a security profile

   In the security profile, specify settings for scanning traffic using the selected security engine. For each of the available security engines, you can create and configure security profiles to configure the scanning of traffic passing through Kaspersky NGFW:

   • Creating a Web Control profile
   • Creating a DNS Security profile
   • Creating an Anti-Virus profile
   • Creating an IDPS profile
2. Creating a security profile group

   Create a security profile group based on one or more security profiles. For each security profile group, you must enable one or more security engines and select a security profile for each security engine.

3. Adding a security profile group to a security rule

   Add a security profile group to a security rule with the Inspect action to apply this security profile group to traffic content scanning. After you enable the security rule with the added security profile group, the security profiles included in it are applied to scanning the content of traffic that satisfies the criteria configured for the security rule.

In this section Security profile groups Web Control DNS Security Anti-Virus Intrusion Detection and Prevention System

Page top