Before configuring security, you must first enable and set up the Profiler. The Profiler is a network-analysis tool that helps you learn about your internal network, enabling you to create effective security policies and minimize unnecessary log records. After you configure the Profiler, it automatically learns about your internal network and the elements that comprise it, including hosts, peers (which host is talking to which other host), ports (non-IP protocols, TCP/UDP ports, RPC programs), and Layer 7 data that uniquely identifies hosts, applications, commands, users, and filenames.

The Profiler is supported in all IDP modes and in HA configurations, and it queries and correlates information from multiple devices. For details on analyzing your network, see the Network and Security Manager Administration Guide. This chapter provides information on setting up the Profiler and configuring antivirus settings, including antispam and Web filtering.

This chapter contains the following topics: