Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pipper
New Contributor

Created on ‎08-20-2024 07:46 PM

Block & Alow Access

Hi Experts,
can you help me,
What method can I use for Fortigate devices to apply multiple rules? For instance, I want to block Instagram login and similar activities, while still allowing access to Reels and posts.
1507
0 Kudos
9 REPLIES 9
ymorohashi
Staff
Staff

Created on ‎08-20-2024 08:07 PM

Application Control have the following application signature.
 
Instagram_Login
This indicates an attempt to log into an Instagram account.
Instagram Login detects and logs information of the user logging into an Instagram Account.
 
Instagram_Post
This indicates an attempt to post a message onto Instagram.
Instagram Post detects and logs the content of the posted message by the user.
 
Instagram_Video
This indicates an attempt to play videos on Instagram.
Instagram Video covers the playing of videos that are uploaded on the Instagram servers.
*I am not sure if "Instagram_Video" cover Instagram reels or not.
 
Create a application sensor and set action of the above signatures as you want.
 
If you have no specific policy to Instagram services.
You can try ISDB as destination service.
"Meta-Instagram" in Fortinet ISDB database.
 
Create a policy and set "Meta-Instagram" as destination service.
 
1499
pipper
New Contributor
In response to ymorohashi

Created on ‎08-21-2024 12:14 AM

If I use application control to apply a rule for blocking it doesn't work, I can only either block all Instagram services or not block them at all. Is there another method that can be applied, or do you have any suggestions?

1457
0 Kudos
ymorohashi
Staff
Staff

Created on ‎08-21-2024 12:36 AM

 

Did you select my suggested signatures as override?

appctl_example.png

1449
pipper
New Contributor
In response to ymorohashi

Created on ‎08-22-2024 06:56 PM

Yes, I have done that, but Instagram is still working
Are there any other methods?

1387
0 Kudos
Poseidonas
New Contributor II

Created on ‎08-21-2024 02:00 AM

Hello,

Do you have DLP & SSL Available?

Growth and comfort do not coexist.
Growth and comfort do not coexist.
1437
0 Kudos
pipper
New Contributor
In response to Poseidonas

Created on ‎08-22-2024 07:03 PM

Can I see the documentation to implement it?

1385
0 Kudos
Poseidonas
New Contributor II

Created on ‎08-23-2024 12:54 AM

As I can understand from the pic that you post you don't have it. 

Be careful with the version you have. The problem is that without the DLP you cannot restrict the in-app use of instagram in your example. You can only restrict the access via web access i.e. in Chrome by visiting the web version of instagram. :)

 

https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/153498/data-loss-prevention

 

 

Growth and comfort do not coexist.
Growth and comfort do not coexist.
1356
pipper
New Contributor
In response to Poseidonas

Created on ‎08-23-2024 01:16 AM

Yes, that’s what I want. I want to restrict Instagram access through the web according to specific rules, as users are restricted from using the app. Is it possible to block access to login so that users cannot log in with their Instagram accounts, but still be able to view reels or posts through shared links?

1350
0 Kudos
Poseidonas
New Contributor II
In response to pipper

Created on ‎08-23-2024 01:44 AM

Yes you can do this mate :)

 

Let's see the whole process a-z.

  • SSL (You have to buy and install SSL)
  • Setup Deep Inspection 
  • You set a new rule for Instagram and choose what users can do and what can't do.  

 

See the image below:

Screenshot_5.png

Growth and comfort do not coexist.
Growth and comfort do not coexist.
1338
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.