Description | This article describes how to prevent organization users from opening links from YouTube adverts with a web filter. |
Scope | FortiGate. |
Solution |
First, it is necessary to add the following external threat feeds:
From the CLI:
config system external-resource edit "test" set uuid e968f1b0-4382-51ee-65d2-8c33c29cb0f5 set category 192 set resource "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" next edit "test2" set uuid e9696fbe-4382-51ee-ec8f-0bf0c8f565ab set category 193 set resource "https://v.firebog.net/hosts/AdguardDNS.txt" next edit "test3" set uuid e96a29ea-4382-51ee-4148-432505bba3fa set category 194 set resource "https://v.firebog.net/hosts/Easylist.txt" next edit "test4" set uuid e96ae178-4382-51ee-df34-cd682e411f8f set category 195 set resource "https://v.firebog.net/hosts/Easyprivacy.txt" next edit "test5" set uuid e96b996a-4382-51ee-eb60-9f8fda46e793 set category 196 set resource "https://v.firebog.net/hosts/Admiral.txt" next edit "test6" set uuid e96c4d42-4382-51ee-ed33-37991e5981a7 set category 197 set resource "https://v.firebog.net/hosts/Prigent-Ads.txt" next edit "test7" set uuid e96d0868-4382-51ee-a81a-d99a3ff307af set category 198 set resource "https://dbl.oisd.nl/" next edit "test8" set uuid e96dacb4-4382-51ee-caf8-9cb36b8d92e3 set category 199 set resource "https://easylist.to/easylist/easylist.txt" next edit "test9" set uuid e96e6bf4-4382-51ee-fe6b-b3c3de8c8e61 set category 200 set resource "https://hosts.oisd.nl/" next end
From the GUI:
Go to Security Fabric -> External Connectors -> Create New -> Fortiguard Category and then enter the URLs above like in the screenshot below:
From the CLI:
config firewall policy edit "1" set name "test" set uuid ef8a2662-437e-51ee-227f-4c73ceeb9543 set srcintf "port2" set dstintf "port1" set action accept set srcaddr "pc 43" set dstaddr "all" set schedule "always" set service "ALL" set utm-status enable set ssl-ssh-profile "deep-inspection" set webfilter-profile "NoAds" set nat enable next end From the GUI:
The same can be seen in the web filter logs under Log & Report -> Security Events -> Web Filter.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.