A profile can have its own firewall policy, wireless client role policy, WEP shared key authentication, NAT policy, and VPN policy (controllers and service platforms only) applied. If an existing firewall, client role, or NAT policy is unavailable, an administrator can be navigated from the Profiles portion of the UI to the ConfigurationSecurity portion to create the required security policy configuration. Once created, a policy's configuration can have an override applied to meet the changing data protection requirements of a device's environment. When this is done, however, the device must now be managed separately from the profile configuration shared by other devices within the managed network.
For more information on applying an override to an existing device profile, refer to the following sections: