Allow missing app - how to add app & overwrite it

Question

hi guys .i am trying to find an app that is missing in the fortigate pool (when i search for it it show nothing)our crm team use https://www.clickdesk.com/ for web chat with clients  the goal is this :i want to block most of the apps (by category) and allow specific (overwrite) i dont find "clickdesk" in the app control pool is there any way to add clickdesk to the system so i can mange this app - and allow it over blocking most of the app (by block a hole category in comprehensive way - like "social.media" and still let specific app pass Through)"clickdesk" is for chat on web app, it fall under one of the category that i block as explainedhow can i add clickdesk and how can i make sure it allowed over the blocking category.thanks a lot for any responses.

hmtay_FTNT · Answer

Hello Rizo,

Yes, what you are trying to do is whitelisting. You need to be using FortiOS 5.2 and above to have this feature. If you are using FortiOS 5.2, I will send you a new engine that supports this. If you are using FortiOS 5.4, your engine version should be high enough to support whitelisting with custom signatures. You need to have IPS Engine 3.299 and above to do it.

F-SBID( --name "<Any Name>"; --protocol tcp; --service SSL; --pattern "<host name>"; --context host; --no_case; --app_cat 12; --weight 100; ) In your example, the way to put the link into the signature is: F-SBID( --name "Clickdesk.Custom"; --protocol tcp; --service SSL; --pattern "clickdesk.com"; --context host; --no_case; --app_cat 12; --weight 100; )

Set the signature in Application Override to Monitor. That should whitelist the site. Another thing to note for is you might need to add more than one signatures if the page loads other sites. You can inspect with Wireshark or with the browser debugging tools to find out what sites are loaded and add those too.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded