| Parameter | Choices/Defaults | Comments | 
                
                                                            | adom 
                    -
                                                                 | Default: 
 "root" | The ADOM the configuration should belong to. | 
                            
                                                            | block_action 
                    string
                                                                 |  | Action to take for blocked domains. choice | block | Return NXDOMAIN for blocked domains. choice | redirect | Redirect blocked domains to SDNS portal. | 
                            
                                                            | block_botnet 
                    string
                                                                 |  | Enable/disable blocking botnet C&C; DNS lookups. choice | disable | Disable blocking botnet C&C; DNS lookups. choice | enable | Enable blocking botnet C&C; DNS lookups. | 
                            
                                                            | comment 
                    string
                                                                 |  | Comment for the security profile to show in the FortiManager GUI. | 
                            
                                                            | domain_filter_domain_filter_table 
                    string
                                                                 |  | DNS domain filter table ID. | 
                            
                                                            | external_ip_blocklist 
                    string
                                                                 |  | One or more external IP block lists. | 
                            
                                                            | ftgd_dns_filters_action 
                    string
                                                                 |  | Action to take for DNS requests matching the category. choice | monitor | Allow DNS requests matching the category and log the result. choice | block | Block DNS requests matching the category. | 
                            
                                                            | ftgd_dns_filters_category 
                    string
                                                                 |  | Category number. | 
                            
                                                            | ftgd_dns_filters_log 
                    string
                                                                 |  | Enable/disable DNS filter logging for this DNS profile. choice | disable | Disable DNS filter logging. choice | enable | Enable DNS filter logging. | 
                            
                                                            | ftgd_dns_options 
                    string
                                                                 | Choices:
                                                                                                                                                            error-allowftgd-disable | FortiGuard DNS filter options. FLAG Based Options. Specify multiple in list form. flag | error-allow | Allow all domains when FortiGuard DNS servers fail. flag | ftgd-disable | Disable FortiGuard DNS domain rating. | 
                            
                                                            | log_all_domain 
                    string
                                                                 |  | Enable/disable logging of all domains visited (detailed DNS logging). choice | disable | Disable logging of all domains visited. choice | enable | Enable logging of all domains visited. | 
                            
                                                            | mode 
                    -
                                                                 | Choices:
                                                                                                                                                            add ←setdeleteupdate | Sets one of three modes for managing the object. Allows use of soft-adds instead of overwriting existing values. | 
                            
                                                            | name 
                    string
                                                                 |  | Profile name. | 
                            
                                                            | redirect_portal 
                    string
                                                                 |  | IP address of the SDNS redirect portal. | 
                            
                                                            | safe_search 
                    string
                                                                 |  | Enable/disable Google, Bing, and YouTube safe search. choice | disable | Disable Google, Bing, and YouTube safe search. choice | enable | Enable Google, Bing, and YouTube safe search. | 
                            
                                                            | sdns_domain_log 
                    string
                                                                 |  | Enable/disable domain filtering and botnet domain logging. choice | disable | Disable domain filtering and botnet domain logging. choice | enable | Enable domain filtering and botnet domain logging. | 
                            
                                                            | sdns_ftgd_err_log 
                    string
                                                                 |  | Enable/disable FortiGuard SDNS rating error logging. choice | disable | Disable FortiGuard SDNS rating error logging. choice | enable | Enable FortiGuard SDNS rating error logging. | 
                            
                                                            | youtube_restrict 
                    string
                                                                 |  | Set safe search for YouTube restriction level. choice | strict | Enable strict safe seach for YouTube. choice | moderate | Enable moderate safe search for YouTube. |