Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dubos
New Contributor III

FortiGate White List of URL's

We have a basic policy to allow everything, but with Application Control and Intrusion Protection profiles, and already above we added prohibiting policies to specific addresses that are prohibited to clients or who attacked us. But now we are asked to test the possibility of adding a whitelist of sites that will never be blocked and automate the process of updating this list. Can I just create a Web Filter profile and add addresses there with the Allow action so that I can then apply it to the main policy? Won't this block all other addresses? How to automate it?

With respect,

Daniil Dubosarskij

cit.rkomi.ru

2 REPLIES 2
R_F
New Contributor III

Im not sure for automation, but choosing between allow and exempt websites I would rather select  Exempt as an action. 

Pls see below link detailed info regarding URL Web Filter action.

 

Difference between allow and exempt in web filter - Fortinet Community

 

Dubos
New Contributor III

The documentation on this topic says "URLs with an action set to exempt are not scanned for viruses", but I think this is a significant decrease in the security of our network. We need FortiGate to protect us from traffic even from these sites, but not block access to them... As if creating additional confidence that we will not accidentally block them by pursuing a policy from above.

With respect,

Daniil Dubosarskij

cit.rkomi.ru