Hot!Blocking fake-HTTP(S) traffic with Web-Filter

Author
jollerlee
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/01/25 20:56:25
  • Status: offline
2021/01/25 21:20:18 (permalink) 5.6
0

Blocking fake-HTTP(S) traffic with Web-Filter

We protect a group of servers with a Fortigate 500D (running OS 5.6).
What I am trying is block all outbound traffic with only a few exceptions, such as Windows Update.
Since they are servers, they do not need access to most of the websites out there.
So I white-list those exceptions with url-filters (due to the lack of license).
 
The problem is, while my Fortigate makes it to block outbound web requests to those not white-listed, 
it forwards "fake" HTTP traffic, that is, non-HTTP(s) traffic from 80/443 ports.
I've tried "Block invalid URLs", with no luck.
 
I prefer web-filter to FQDN addresses, because I need partial hostnames and wildcards.
Besides, FQDN for IPv6 is not available in my version of OS.
 
Is it possible to have web-filter block non-HTTP traffic?
 
#1

0 Replies Related Threads

    Jump to:
    © 2021 APG vNext Commercial Version 5.5