Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes
- Member List
- Online User List
- User Groups

Videos, Docs Library, KB
Fuse
- Fuse Fortinet User Community

Mark Thread UnreadFlat Reading Mode ❐

Internet Services database

Author Post Essentials Only Full Version
Kurre New Member Total Posts : 1 Scores: 0 Reward points: 0 Joined: 2020/12/29 18:39:19 Status: offline 2021/01/12 17:26:17 (permalink) 0 Internet Services database Hi, bit of a noob...I am wondering about the Internet Services database..what is the general practice with this? I recently installed a 60F and engaged a colleague to help me setup the firewall policies and he decided to basically look up Microsoft and BitDefender websites, etc for what ip address and urls to allow..while this is sensible I have noticed that there is an Internet database services that also lists all these services for Microsoft and Bitdefender and others...what is the general opinion about this? I raised it with my colleague and he said I was not as safe because someone could get to those lists and then I was compromised..I understand the logic but realistically how valid is this? I am finding that I am having to keep adding addresses to get certain sites to work properly because either the documentation is out of date or the url was missing from the doco...having Fortinet keep this up-to-date would be a big convenience but what is the general practice here? what do most sys admins do? unlock as urls are needed or use the Internet Services database? #1 1 Reply Related Threads
Yurisk Gold Member Total Posts : 157 Scores: 32 Reward points: 0 Joined: 2011/12/04 03:30:01 Status: offline Re: Internet Services database 2021/01/13 08:51:49 (permalink) 0 That is exactly the use case for ISDB - to ease management of CDN/multi-server destinations and make it more secure. 10 years ago, it was possible to manage all the IP addresses of Facebook/Gmail/etc manually (hey, I did it https://yurisk.info/2010/11/15/ip-address-pools-of-facebook/ :) ) but today it is a recipe for failure. Regarding your friend opinion - who do you think has access to more volume and quality information, your friend or FortiGuard labs, employing 215 analysts, gathering 100 billion security events every day and having 200 partnership agreements with other security players? :) The answer is obvious. I do use ISDB extensively with our clients. Yuri https://yurisk.info/ #2

Author

Post

Essentials Only Full Version

Kurre

New Member

Total Posts : 1
Scores: 0
Reward points: 0
Joined: 2020/12/29 18:39:19
Status: offline

2021/01/12 17:26:17 (permalink)

Internet Services database

Hi,

bit of a noob...I am wondering about the Internet Services database..what is the general practice with this?

I recently installed a 60F and engaged a colleague to help me setup the firewall policies and he decided to basically look up Microsoft and BitDefender websites, etc for what ip address and urls to allow..while this is sensible I have noticed that there is an Internet database services that also lists all these services for Microsoft and Bitdefender and others...what is the general opinion about this? I raised it with my colleague and he said I was not as safe because someone could get to those lists and then I was compromised..I understand the logic but realistically how valid is this? I am finding that I am having to keep adding addresses to get certain sites to work properly because either the documentation is out of date or the url was missing from the doco...having Fortinet keep this up-to-date would be a big convenience but what is the general practice here? what do most sys admins do? unlock as urls are needed or use the Internet Services database?

1 Reply Related Threads

Yurisk

Gold Member

Total Posts : 157
Scores: 32
Reward points: 0
Joined: 2011/12/04 03:30:01
Status: offline

Re: Internet Services database 2021/01/13 08:51:49 (permalink)

That is exactly the use case for ISDB - to ease management of CDN/multi-server destinations and make it more secure. 10 years ago, it was possible to manage all the IP addresses of Facebook/Gmail/etc manually (hey, I did it https://yurisk.info/2010/11/15/ip-address-pools-of-facebook/ :) ) but today it is a recipe for failure.
Regarding your friend opinion - who do you think has access to more volume and quality information, your friend or FortiGuard labs, employing 215 analysts, gathering 100 billion security events every day and having 200 partnership agreements with other security players? :) The answer is obvious.

I do use ISDB extensively with our clients.

Yuri
https://yurisk.info/

Jump to: