FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article explains how to block the below over Internet Server Database:
Blockchain-Crypto.Mining.Pool (can be used only as Destination address) Botnet-C&C.Server Malicious-Malicious.Server Phishing-Phishing.Server Proxy-Proxy.Server Spam-Spamming.Server Tor-Exit.Node (can be used only as source address) Tor-Relay.Node VPN-Anonymous.VPN
Internet service Database has 2 fields:
1) Predefined Internet Services (known reputed sites). 2) IP Reputation Database (Potential threat sites).
Threat sites can be blocked by setting a minimum reputation value on the firewall policy over CLI or by using IP reputation in the internet service database.
Using the internet service database gives us the advantage of using more specific categories on the firewall policy
In the below example, an outbound block rule has been configured to stop potential threat websites:
Refer to the below article to set the minimum reputation value on the firewall policy:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.