In Application Control > Application List I have Skype listed. At this point we need Skype to be allowed out. However when I go to edit this Application in the list, the Edit is grayed out. Even the delete is Grayed out. How can I edit so that Skype is allowed out? Probably a silly question, but I' m new to Fortinet. Checkpoint guy here.
Thanks in advance.
Im not sure we are allowed to edit Application Lit, if you want to allowed Skype then you should use Application Sensor. See the attached file for your reference.
Once done apply that Application Profile to the desired policy most likely from Internal-->External Interface.
The Application List is just that, the list of application (detection patterns) that is current from FortiGuard. This is by it' s very nature neither editable nor deleteable (I hope these adjective exist...).
You use one or more application signatures in Application Sensors. You can enter one or several applications or even application categories into a sensor, and then specify this sensor to be used in a policy.
Example: I suppress peer-to-peer apps by default. So, I create a new App sensor and add the ' P2P' category. Unfortunately, Skype belongs to this category but needs to be allowed often. So, I add another entry ABOVE the P2P category, with just ' Skype' as a single application. ' Skype' is allowed, the ' P2P' category is set to be blocked.
Then this sensor is specified in the ' internal' -> ' wan' policy.
I think I may have done it in a roundabout way but the results were positive. Below is how I configured it based on what you all told me. It' s working but not sure if this is the most efficient way to allow this.
I used this method as well while back when I came up against it but what if I don' t want to monitor Skype and have it filling up my App Control log with entries? I can' t see any way to do this...