Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pipper
New Contributor

Block & Alow Access

Hi Experts,
can you help me,
What method can I use for Fortigate devices to apply multiple rules? For instance, I want to block Instagram login and similar activities, while still allowing access to Reels and posts.
9 REPLIES 9
ymorohashi
Staff
Staff

Application Control have the following application signature.
 
Instagram_Login
This indicates an attempt to log into an Instagram account.
Instagram Login detects and logs information of the user logging into an Instagram Account.
 
Instagram_Post
This indicates an attempt to post a message onto Instagram.
Instagram Post detects and logs the content of the posted message by the user.
 
Instagram_Video
This indicates an attempt to play videos on Instagram.
Instagram Video covers the playing of videos that are uploaded on the Instagram servers.
*I am not sure if "Instagram_Video" cover Instagram reels or not.
 
Create a application sensor and set action of the above signatures as you want.
 
If you have no specific policy to Instagram services.
You can try ISDB as destination service.
"Meta-Instagram" in Fortinet ISDB database.
 
Create a policy and set "Meta-Instagram" as destination service.
 
pipper

If I use application control to apply a rule for blocking it doesn't work, I can only either block all Instagram services or not block them at all. Is there another method that can be applied, or do you have any suggestions?

ymorohashi
Staff
Staff

 

Did you select my suggested signatures as override?

appctl_example.png

pipper

Yes, I have done that, but Instagram is still working
Are there any other methods?

Poseidonas
New Contributor II

Hello,

Do you have DLP & SSL Available?

Growth and comfort do not coexist.
Growth and comfort do not coexist.
pipper

Can I see the documentation to implement it?

Poseidonas
New Contributor II

As I can understand from the pic that you post you don't have it. 

Be careful with the version you have. The problem is that without the DLP you cannot restrict the in-app use of instagram in your example. You can only restrict the access via web access i.e. in Chrome by visiting the web version of instagram. :)

 

https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/153498/data-loss-prevention

 

 

Growth and comfort do not coexist.
Growth and comfort do not coexist.
pipper

Yes, that’s what I want. I want to restrict Instagram access through the web according to specific rules, as users are restricted from using the app. Is it possible to block access to login so that users cannot log in with their Instagram accounts, but still be able to view reels or posts through shared links?

Poseidonas
New Contributor II

Yes you can do this mate :)

 

Let's see the whole process a-z.

  • SSL (You have to buy and install SSL)
  • Setup Deep Inspection 
  • You set a new rule for Instagram and choose what users can do and what can't do.  

 

See the image below:

Screenshot_5.png

Growth and comfort do not coexist.
Growth and comfort do not coexist.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors