FortiGate White List of URL's

Forum|Forum|4 years ago
February 3, 2022
1 reply
29947 views

We have a basic policy to allow everything, but with Application Control and Intrusion Protection profiles, and already above we added prohibiting policies to specific addresses that are prohibited to clients or who attacked us. But now we are asked to test the possibility of adding a whitelist of sites that will never be blocked and automate the process of updating this list. Can I just create a Web Filter profile and add addresses there with the Allow action so that I can then apply it to the main policy? Won't this block all other addresses? How to automate it?

FortiGate

R_F

Explorer

Im not sure for automation, but choosing between allow and exempt websites I would rather select Exempt as an action.

Pls see below link detailed info regarding URL Web Filter action.

Difference between allow and exempt in web filter - Fortinet Community

DubosAuthor

Explorer II

The documentation on this topic says "URLs with an action set to exempt are not scanned for viruses", but I think this is a significant decrease in the security of our network. We need FortiGate to protect us from traffic even from these sites, but not block access to them... As if creating additional confidence that we will not accidentally block them by pursuing a policy from above.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded