Help
FortiSASE
FortiSASE delivers both a consistent security posture and an optimal user experience for users working from anywhere. Secure your hybrid workforce by closing security gaps, plus simplify operations.
sjoshi
Staff
Staff

Created on ‎09-30-2025 12:04 AM

Article Id 413170

Technical Tip: How to setup threat feed in FortiSASE

Description

 

This article describes how to configure threat feeds in FortiSASE to enhance security.

 

Scope

 

FortiSASE.

 

Solution

 

Threat feeds automatically import external block lists from an HTTP server in plain text format. These block lists can enforce security policies, whether long-term restrictions on specific websites or short-term blocks for known compromised locations.

 

Go to Security -> Resources -> External feeds -> Create New.

 

a.PNG

 

Once the threat feed is up, then a green signal can be seen.

 

a.PNG

 

Since 'Block in Threat Feed Deny policy' is enabled, the newly created threat feed is automatically added to the system-defined rule.

 

a.PNG

 

If 'Block in Threat Feed Deny policy' is not enabled, then the user needs to manually create a policy and add the threat feed in the destination and mark the action as block. This gives more granular control to the user based on the source/user group.

 

a.PNG

94
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.