FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Pavan_Chintha
Article Id 337807
Description

 

This article describes how to enable the Web Application Profile option in the GUI and use it in the policy.

 

Scope

 

FortiGate.

 

Solution

 

  1. Make sure the NGFW mode is in the profile-based mode, this feature is not supported in the policy-based mode.

  2. This feature is not supported in the models with less than 2GB RAM starting from the Forti OS firmware version 7.4.4.

  3. In the GUI, go to System -> Feature Visibility -> Enable the Web Application Firewall option and select Apply. 
  4. If the Web Application Firewall option is greyed out then refer to the below article:
    Technical Tip: How to enable WAF in policy
    If not, continue on step 5.


WAF_Feature.jpg

 

Once it is enabled, WAF profiles can be configured under the security profiles.

  1. To Apply the WAF profile, make sure the inspection mode is set to the proxy-based inspection in the policy.


WAF_Policy.jpg

 

Web Application Firewall profile is only supported in the proxy-based inspection not in the flow-based inspection.