FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kbahrudin_FTNT
Article Id 191518
Description
In FortiOS v5.2, the default Application sensor has categories enabled by default. These categories cannot be removed via GUI.

kbahrudin_FD36775_tn_FD36775.jpg

Scope
Application sensor.

Solution
The change can be made by using the CLI:

FWF90D # config application list
FWF90D (list) # edit default
FWF90D (default) # sh
config application list
    edit "default"
        set comment "Monitor all applications."
        set other-application-log enable
            config entries
                edit 1
                    set category 2 3 5 6 7 8 12 15 17 19 21 22 23 25 26 28 29 30
                    set action pass
                    set log disable
                next
            end
    next
end

FWF90D (default) # config entries
FWF90D (entries) # edit 1
FWF90D (1) # unset category
FWF90D (1) # set category
ID           Select Category ID
1            IM
2            P2P
3            VoIP
5            Video/Audio
6            Proxy
7            Remote.Access
8            Game
12           General.Interest
15           Network.Service
17           Update
19           Botnet
21           Email
22           Storage.Backup
23           Social.Media
24           File.Sharing
25           Web.Others
26           Industrial
27           Special
28           Collaboration
29           Business
30           Cloud.IT

FWF90D (1) # set category 2 3
FWF90D (1) # end
FWF90D (default) # end

FWF90D # config application list
FWF90D (list) # edit default
FWF90D (default) # sh
config application list
    edit "default"
        set comment "Monitor all applications."
        set other-application-log enable
            config entries
                edit 1
                    set category 2 3
                    set action pass
                    set log disable
                next
            end
    next
end

Contributors