Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Dongfang_Li_FTNT
Staff
Staff

Created on ‎01-11-2024 10:09 AM Edited on ‎08-19-2024 06:19 AM By Moderator

Article Id 293696

Technical Tip: Block TikTok with a block message

Description This article describes how to block TikTok and displaying a block message.
Scope FortiOS v6.4.14, v7.0.13, v7.2.6, v7.4.2.
Solution

See this article for instructions on how to block TikTok with the web filter alone.

 

The web filter may not be the preferred option to fully block TikTok because some foreign countries have no keyword ‘TikTok’ in the URL.

 

However, application control can block TikTok by signature. When web filter, application control, and SSL deep inspection are enabled in the same firewall policy, application control will trigger first and block the connection.

 

Application control can block traffic in both flow-based and proxy-based inspection mode policies:

 

Policy in flow base inspection mode: FortiGate will send a block message showing that the TikTok connection is blocked by application control.

 

tiktok2.png

 

Policy in proxy inspection mode: FortiGate will not send a block message after the connection is blocked.  

 

Solution: change the policy inspection mode to flow-based inspection mode.

 

config firewall policy

edit <id>

inspection-mode flow

end
3800
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.