Application Control and Web filter is not blocking websites on browsers

Faresnani · ‎05-02-2024

Hi Community,

we notice some weird behavior in our FortiGate-3300E configuration Firmware v7.2.7 build1577 (Mature)
We applied security profiles Web Filtering and Application Control to our Firewall rule, and we expected to block social media, gaming, movies, and other websites and applications from our network.

Expected Result: blocking the connection to these mentioned categories above.
Actual Result: blocking is done for some browsers and others not, Browsers were tested ( GoogleChrome, Mozilla Firefox, Microsoft Edge), and websites were tested (facebook.com)

you can see the screenshots of the weird logs and the settings

Has anyone had this issue before? How did you manage to resolve it?

Regards

Omran Mohamed

Network Security EngineerSecurity LogsFirewall PolicyWeb Filtering

Omran Mohamed
Network Security Engineer

Yemar · ‎05-02-2024

To enhance the effectiveness of your FortiGate firewall's security profiles like Web Filtering and Application Control, consider using a proxy-based policy or enabling deep inspection on SSL inspection. These methods help the firewall better understand and block unwanted websites and apps. Also, check your firewall policies using the policy lookup feature to make sure there are no open policies that might bypass these security features. Keeping your policies organized and correctly configured can enhance your network's security and your firewall's performance.