This article describes how to block Facebook while allowing Messenger, to use an application control profile in Firewall FortiGate.
Application control.
1. On PC:
Step 1: create a new application control profile in FortiGate -> Security Profile -> Application Control.
Step 2: add application and filter overrides to allow Messenger and Facebook_Chat, and block all other Facebook signatures.
Step 3: apply the application profile in the Firewall policy, and remember to choose Deep inspection.
Step 4: download and import FortiGate's certificate into the client's PC, following this article:
Importing the certificate into web browsers - FortiGate cookbook.
On the client PC:
2. On Mobile devices.
FortiGate is unable to inspect the SSL traffic of Facebook and Facebook Messenger applications due to certificate pinning, it is impossible to differentiate the traffic between the two. Without inspecting the SSL traffic, it is impossible to block the Facebook app while allowing the Messenger app on mobile devices.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.