Proxy Policy to filter different User-Agents?

Forum|Forum|7 years ago
November 23, 2018
1 reply
6674 views

Hi all,

Is there a way to filter on FGT 5.6.x inside a proxy policy by custom User-Agent?

I know there are some specific proxy-source objects which can be configured with some User-Agents (e.g. Internet Explorer in drop-down list).

In my case I need to filter for a custom User-Agent.

I know it's possible to build customer application signatures but unfortuantely I couldn't find any information on how to build such customer signatures. Is it like SNORT syntax?

In the logs I see that FGT recognizes the User-Agent correctly, so probably there should also be a way to use that information for proxy rules?!

Thanks for feedback

Cheers Thrillseeker

emnoc

New Member

I wrote article many years back on my custom UA signature. For HTTPS website you need decryption in order to use the signature for the obvious reasons and how much of a DPI resource hit for decryption and UA inspection are ?s that you would need to take into considerations

http://socpuppet.blogspot.com/2014/06/using-fortigate-firewall-to-find-and.html

To answer the 1st part, I never seen a predefined UA list but really haven't did a lot of UA filter in a proxy.

Ken Felix

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded