Skip to main content
SecurityPlus
SecurityPlus
Explorer III
April 27, 2020
Question

Whitelist Applications

  • April 27, 2020
  • 1 reply
  • 7509 views

We are running some backup software that the backup software provider has suggested that we whitelist in the firewall. Is it possible in the FortiGate to whitelist applications such as:

Application 1.exe

Application 2.exe

 

This involves a FortiGate 60E running FortiOS 6.0.9.

 

If so how is this done? I look at application control and could not find how to do this. The applications that need to be whitelisted are not in the list of applications in the FortiGate that I can find.

    1 reply

    localhost
    localhost
    Visitor III
    May 2, 2020

    No.. I doesn't work like that on the Fortigate.

     

    Your firewall is not aware what applications your computer is running. It's just inspecting the network traffic, and based on signatures it tries to identify the application.

     

    So first thing I would do is, look into your log files to see what application the Fortigate is detecting for your backup connection. For this to be visible, all categories in the application control profile must be set to monitored, and log must be set to 'all' on your firewall rule.

     

    But why not just create a seperate firewall rule based on IP and Ports for all you backup connections?

    FortiLearner
    FortiLearner
    New Member
    May 4, 2020

    I dont think you can whitelist a .exe on application control that more related to DLP.

    Dave_Hall
    Dave_Hall
    New Member
    May 4, 2020

    The backup vendor's website should have an FAQ or technical notes for what ports to open up on your firewall.  I agree with Sander (localhost) - this is more about port fowarding/firewall unblocking, though the vendor could be using standard API/TCP/IP protocols.

    Terms & ConditionsAccessibility statement