Description
In recent network implementation it is minimum security requirement to block the users from accessing malicious web sites such as phishing websites.
This article describes how to block malicious web sites.
Solution
On UTM units like FortiGate, it is very easy to block users accessing malicious web sites in one go using the web filter feature.
Here are simple steps to achieve it.
1) Go to the Security profile -> Web Filter, select 'Create New' or edit existing web filter profile.
Navigate to option called 'FortiGuard category based filter', expand 'Security Risk' category and then find the sub-category 'Malicious Websites',select it and select the option as 'Block'.
In recent network implementation it is minimum security requirement to block the users from accessing malicious web sites such as phishing websites.
This article describes how to block malicious web sites.
Solution
On UTM units like FortiGate, it is very easy to block users accessing malicious web sites in one go using the web filter feature.
Here are simple steps to achieve it.
1) Go to the Security profile -> Web Filter, select 'Create New' or edit existing web filter profile.
Navigate to option called 'FortiGuard category based filter', expand 'Security Risk' category and then find the sub-category 'Malicious Websites',select it and select the option as 'Block'.
2) Now map this Web filter profile to the security policies.
Go to Policy and Object -> IPv4 Policy and select 'Create New'.
Select respective incoming, outgoing interface, and source subnets and destination as ALL (As destination is Internet).
Make sure to select the SSL certificate inspection as SSL deep inspection profile to inspect the HTTPS header properly.
Refer the following as example:
Go to Policy and Object -> IPv4 Policy and select 'Create New'.
Select respective incoming, outgoing interface, and source subnets and destination as ALL (As destination is Internet).
Make sure to select the SSL certificate inspection as SSL deep inspection profile to inspect the HTTPS header properly.
Refer the following as example:
Test from accessing any malicious web site from the users browser.
