Technical Tip: Identifying file sharing and storage websites monitored or blocked by FortiGate

To identify file-sharing and storage websites that are monitored or blocked by the FortiGate firewall, follow these steps:

1. Go to System -> FortiGate -> Web Filter -> Profile and select the profile that was created.
2. Under the Categories section, find the File Sharing and Storage category and set the action to Monitor.
3. Once the category action is set to Monitor, the FortiGate will start logging the websites that fall under this category.
4. To gather the list of websites used by internal users, go to Log & Report -> Traffic Log -> Forward Traffic and filter the logs by the File Sharing and Storage category.
5. If a service (for example, iCloud) under the File Sharing and Storage category is blocked by the FortiGate and logged as 'UTM Blocked' in Forward Traffic logs, despite the category is set to Monitor in the Web Filter profile, it is then important to verify the Application Control profile to ensure the same category or application is set to Allow or Monitor in both UTM profiles to prevent blocking required services for internal users (see the attached example).

Note:

The list of file-sharing and storage websites is dynamic and maintained by the FortiGuard team. Some examples of domains/URLs belonging to the File Sharing and Storage category include:

• dropbox.com
• onedrive.com
• drive.google.com
• filetransfer.io
• icloud.com
• air.inc

Related document:

Configuring a web filter profile