Hot!'Reputable Websites' for SSL inspection

Author
TimB_Unbound
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Joined: 2015/06/17 09:24:23
  • Status: offline
2016/10/18 13:38:40 (permalink)
0

'Reputable Websites' for SSL inspection

What defines a reputable website? 
 
With the new Reputable Websites option in 5.4.1 I'd really like to understand what actually defines a reputable website. I understand from the documentation that it is a "secure white list database" of "reputable domain names that cain be excluded from ssl deep inspection".
 
When working with something that can potentially poke a very large hole in my security fabric I'd really like a better understanding of exactly how this works. For any Fortinet staff, if this is something proprietary a general answer would be great..
 
Although I'm looking for a general answer I'm mostly concerned with how sites that include user content are handled. 
#1
telecosistem
Bronze Member
  • Total Posts : 35
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/01/24 04:33:04
  • Location: Barcelona
  • Status: offline
Re: 'Reputable Websites' for SSL inspection 2016/10/25 09:40:13 (permalink)
0
This new feature above 5.4 firmware help you to indicate a white list of websites. This database is syncrhonized through Fortiguard. On this way won't apply the SSL content for these websites.
 
Best regards,
 
Follow us: 
SSL Content - Fortinet en español.

https://networkingcontrol.../ssl-content-fortinet/
#2
TimB_Unbound
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Joined: 2015/06/17 09:24:23
  • Status: offline
Re: 'Reputable Websites' for SSL inspection 2016/11/10 08:39:14 (permalink)
0
telecosistem, thanks for the input but it doesn't really help describe what this function would allow through unencrypted.
 
A couple cases that I would have thought should have been addressed - google.com and a couple core addresses used for Skype for Business - are both still being inspected with this option enabled. 
 
We should have better understanding of the what these products are actually doing. 
#3
tmacca
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/11/18 07:06:12
  • Status: offline
Re: 'Reputable Websites' for SSL inspection 2016/11/18 08:33:00 (permalink)
0
+1 from me
 
I would like to know more about the 'reputable websites'
Where can I find out what sites are on this list? How is it maintained? What constitutes a 'reputable site'?
 
Thanks
 
#4
gsarica
Bronze Member
  • Total Posts : 60
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/07/28 13:23:52
  • Status: offline
Re: 'Reputable Websites' for SSL inspection 2016/11/18 09:08:28 (permalink)
0
I could be wrong, but I believe it's the list in System -> Reputation. You can type in a site like www.google.com and see the reputation, maybe if it's listed as 'trusted' here it's passed through inspection?
#5
tmacca
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/11/18 07:06:12
  • Status: offline
Re: 'Reputable Websites' for SSL inspection 2016/11/21 01:47:52 (permalink)
0
Hi gsarica, thanks for your response
 
I can't see that menu option? (600c running 5.2.8)


Where exactly do I find this?
 
TIA 
post edited by tmacca - 2016/11/21 02:07:28
#6
gsarica
Bronze Member
  • Total Posts : 60
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/07/28 13:23:52
  • Status: offline
Re: 'Reputable Websites' for SSL inspection 2016/11/28 05:47:01 (permalink)
0
Sorry we're running 5.4.2 like the OP, the option seems to be there for us. Not sure about 5.2.8.
#7
sthampi_FTNT
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/12/14 20:51:14
  • Status: offline
Re: 'Reputable Websites' for SSL inspection 2018/11/14 06:42:08 (permalink)
0
Hello,
 
Looks like this post is very old, but answering this question so that it might help others.
 
Yes it is a white-list database, which is updated by our FortiGuard team. 
 
You can view the list of trusted URLs by navigating to System > Reputation > (search for trusted)
If you don't see the Reputation section under System tab, you will need enable "Domain & IP Reputation" field under "Feature Visibility"
 
GUI might not show the entire content, so you can send a monitor API request to retrieve the entire output in JSON format.

A sample API Request/Response:
 
http://10.5.25.31/api/v2/monitor/webfilter/trusted-urls?vdom=root
{
"http_method":"GET",
"revision":"2.00221(2018-11-13 08:05)",
"results":[
{
"includes_subdomains":0,
"url":"tsiss.com",
"url_length":9
},
{
"includes_subdomains":0,
"url":"ehipassikoschool.sch.id",
"url_length":23
},
{

..........................................
..........................................
  ],
"vdom":"root",
"path":"webfilter",
"name":"trusted-urls",
"status":"success",
"serial":"FGVM010000052771",
"version":"v6.0.2",
"build":163
}
#8
Jump to:
© 2019 APG vNext Commercial Version 5.5