Helpful ReplyHot!Fortinet Web Filtering

Author
sirisha
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/12/21 01:37:52
  • Status: offline
2017/12/21 03:46:29 (permalink)
0

Fortinet Web Filtering

Hi,
I have recently come across a doubt regarding whether, FortiNet Web Filtering can be used for blocking the access to various social media sites like, Facebook, Twitter, Instagram, etc. If yes, may I know the process involved, please.
 
Thanks in Advance.
#1
blackhole_route
New Member
  • Total Posts : 10
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/05/17 18:00:23
  • Status: offline
Re: Fortinet Web Filtering 2017/12/26 13:30:58 (permalink) ☄ Helpfulby Sidewaysguy 2017/12/29 14:34:36
0
The short answer is yes. As an example, see http://cookbook.fortinet.com/blocking-facebook-56/, the admin guide --> https://docs.fortinet.com/uploaded/files/3999/fortios-handbook-56.pdf, or the Security Profiles guide --> https://docs.fortinet.com/uploaded/files/3648/fortigate-security-profiles-56.pdf
 
The short version is that you can use web filter profiles applied to traffic to allow/deny based on category, as well as specifying url filters to allow/deny specific sites. In order to handle ssl sites, ssl inspection (certificate inspection) will need to be enabled to inspect the ssl client hello and certificate to determine the site for any ssl related communication.
 
Note that you will also need full UTM licensing in order to utilize web filtering features.
 
#2
Sidewaysguy
Bronze Member
  • Total Posts : 31
  • Scores: 3
  • Reward points: 0
  • Status: offline
Re: Fortinet Web Filtering 2017/12/29 14:34:33 (permalink)
0
Hi there,
 
Just to add onto what blackhole_route was saying....  The Webfilter itself is looking at the http request, but most/all social media websites use https and actually fall into the "web app" category.  As noted, the combination of security profiles is needed to properly give or deny access to web resources.
 
Cheers,
 
Sidewaysguy
#3
aviniesky
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/01/30 08:36:41
  • Status: offline
Re: Fortinet Web Filtering 2018/01/30 08:54:40 (permalink)
0
Hi Guys, 
 
Can you help me with a doubt. I' evaluating Fortigate as an option to replace the actual Gateway in my job. 
One requirement i need to be accomplished by the device is web content filtering feature.
 
I saw in a previous message on this thread that I need to have a full UTM license in order to enable this feature in a Fortigate. Is it mandatory or could I access to a basic web content filtering if I don't buy this license?
 
Excuse me for my english, I hope that you understand my question.
 
Thank you very much in advance for your assistance.
Regards.
 
#4
blackhole_route
New Member
  • Total Posts : 10
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/05/17 18:00:23
  • Status: offline
Re: Fortinet Web Filtering 2018/02/03 19:35:07 (permalink)
0
<disclaimer> I am not a representative of Fortinet - just a customer. </disclaimer>
 
My understanding and experience is that for web filtering, you must have the full UTM license.
 
There may be some ability to use explicit proxy functionality with static url matching, but that would not be a desirable or satisfactory option even if it did work.
#5
Jump to:
© 2018 APG vNext Commercial Version 5.5