Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jpereira
New Contributor

Custom Categories vs URL FIlter

I am setting up a new Fortigate 200D on 5.2.3

 

I need to restrict internet access to a small number of sites.

 

In the past I have done this 2 different ways:

 

1. Custom Categories

 

2. URL filter

 

Which way is generally more efficient and are there any pros or cons to either method ?

 

Jeff

 

 

4 REPLIES 4
sdash_FTNT
Staff
Staff

 

If you have a huge number of websites to block and that list is common for all the webfilter profiles (if you have too many) , then it is good to go for "custom category" where ,you can put all the urls in the custom category and block that category in all the profile.

In this scenario url filter is not advisable because, you need to go to each webfilter profile and add the huge number of blocked website entries every time.

 

If you have a less number of blocked websites and list is different for all the webfilter profiles, it is advisable to go for url filter.

FortiOS_FTNT
Staff
Staff

Hi Jeff,

 

Url filter is more flexible in use compare to Category override .

With Url filter you can configure simple fqdn, wildcard and regex pattern to match in a URI which is not possible with category override. Category override can only take host part of fqdn as a entry .

You can also use same url filter table in multiple web filtering profile . Although this can only be done from CLI with single line command.

 

Thanks,

 

 

Anirudh

NSE4 JNCIP-SEC JNCIP-ENT

jpereira

Can you elaborate on how you can use the same url filter in multiple profiles ?  This could be very good for me.

dhandinder86
New Contributor

Hi There,

 

In order to apply the same urls on the different web filter profile you need to do the following.

> Configure the url under the following webfilter settings.

#config webfilter urlfilter #edit <urlfilter_table_id> #set name <name_of_url> #end

> Apply that url or urlfilter_table_id on the web filter profile.

#config webfilter profile #edit <profile_name> #config web #set urlfilter-table <urlfilter_table_id> #end

 

Similarly, you can configure other urls or bulk urls for your configuration and then copy & paste the same urls configured on one web filter profile to different webfilter profile through the following cli commands.

 

Thanks & Regards,

Inder Dhand