Hello,
we have been asked to implement the UK Government's Prevent agenda web filtering to stop people going to radicalisation sites etc. Does anyone have any guides or notes on what to do to implement it on the FortiGate firewalls?
Thanks,
Paul
I don't have any official guides or notes, but some quick thoughts:
You probably want to look through the Web Filter Categories: [link]https://fortiguard.com/webfilter/categories.[/link]
Blocking the "Extremist Groups" category using both Web Filter and DNS Filter would be a start.
You would need to do SSL inspection. Note that this means you need to deal with setting up your own internal certificate authority and making sure all users have your certificate installed. This will absolutely require work to avoid causing issues for sites and apps that use certificate pinning or have privacy issues.
To avoid people working around the filters you'd need to block the "Proxy Avoidance" category through web and dns filters, and "Proxy" category through Application Control. Note that this might block valid VPN use, so you might need to tweak the settings.
Beyond that start, I would contact TAC directly. They may already have a template to follow.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
