What do security policies in FortiGate control?

Security policies in FortiGate primarily control traffic flow and the security measures that are applied to network traffic. In the context of a FortiGate firewall, security policies function as rules that define how incoming and outgoing traffic is handled. They can determine whether traffic is allowed or denied based on various criteria such as the source and destination IP addresses, ports, and protocols.

When a security policy is configured, it specifies the actions to be taken for matched traffic. For example, a policy might permit HTTP traffic from a specific network while blocking FTP traffic. This enforcement ensures security within the network by applying specific controls that align with organizational policies and security postures.

The other options, while they touch on aspects of network management, do not adequately capture the primary responsibility of security policies. For instance, while user access might be a component of a broader security strategy, it does not encompass the full scope of what security policies are designed to do. Similarly, traffic behavior and emergency responses are more dynamic and situational rather than defined by static policy rules. Application performance and maintenance tasks are also not directly governed by security policies; rather, they could be influenced by network configurations but are outside the realm of what security policies primarily address.