Description
This article explains the order in which web filtering steps are executed.
Solution
There is a specific order of execution of the web filtering steps:
- Static URL Filtering: Static URL filtering (Note when using the URL filter ‘Exempt’ option, Antivirus, File Filter, and DLP scanning are exempt besides web-filtering by default. It is possible to configure manually any particular inspection(s) which are to be bypassed by using the 'set exempt' command in 'config webfilter urlfilter').
- FortiGuard categories: URLs are checked against Fortinet's cloud-based service for categorization and reputation checks. The traffic is allowed or blocked based on the predefined categories and the rules set by the administrator.
- Content: This involves scanning the web content for malicious content, viruses, and inappropriate material.
Content filtering ensures that harmful or undesirable content is not delivered to the user.
- Advanced options: This includes additional filtering and inspection options such as blocking Java applets.
These options are only available when the inspection mode is set to proxy.
Note:
- FortiOS 6.2 has a File Filter added to the Webfilter profile. This functions correctly only when proxy-mode inspection is used (File filter).
- FortiOS 6.4 has a File Filter as a separate Security Profile, with individual settings, including a limited flow-based operation mode.
Related document: