Skip to main content
cfraser
cfraser
Explorer
March 25, 2025
Question

Allow users to get to Microsoft but nothing else

  • March 25, 2025
  • 2 replies
  • 841 views

Hi, 

 

We are a school using FortiGate on v7.4.7. 

 

We have recently updated our Office package from 2016 to O365, which needs the users to have a licence to be able to access the Office apps. 


With exam season coming up, we need to set up a web filter to allow users to authenticate against O365, but not access anything else on the web. Has anyone successfully done this? Our web groups are based on a security group from on-prem AD. 

 

We do block Edge, Chrome and IE via GPO, but the exam board are quite strict about restrictions schools have. 

 

Thanks, 

Cameron

2 replies

akumar02
Staff & Editor
akumar02
Staff & Editor
March 25, 2025

Hello @cfraser ,
You can use ISDB for Microsoft in the Policies and block everything else. 
Make sure you have the DNS policy allowed above the ISDB policy. 
https://docs.fortinet.com/document/fortigate-cnf/latest/administration-guide/613009/internet-service-database-objects

    iamakk
    iamakk
    Explorer
    April 2, 2025

    Hello, you can create the dedicated firewall policy to achieve this and it will allow to connect only office 365 and other internet will remain block.Screenshot 2025-04-02 112841.png

      Terms & ConditionsAccessibility statement