Application control properly blocks access to Netflix when run via browser but not blocking when Netflix is installed from Microsoft Store as an application.
Hi @psniech ,
The Netflix application under the Application category is matched only with TCP/80, TCP/443, and UDP/443 ports. Specific application IDs that match Netflix are:
https://fortiguard.fortinet.com/appcontrol/18155
https://fortiguard.fortinet.com/appcontrol/38500
https://fortiguard.fortinet.com/appcontrol/35444
https://fortiguard.fortinet.com/appcontrol/30184
https://fortiguard.fortinet.com/appcontrol/28844
When downloading the Netflix app from the Microsoft Store, FortiGate cannot block Netflix access because I think the traffic is not web-based. However, enabling SSL deep inspection in the rules may be necessary for some application IDs to work properly. Be cautious with SSL deep inspection, as using an unreliable certificate may cause access issues with your endpoint devices.
Instead, you can create a URL exemption under web filter by following the article below and create a simple blocking entry for netflix.com. This way, you can restrict access at the domain level.
BR.
If my answer provided a solution for you, please mark the reply as solved it so that others can get it easily while searching for similar scenarios.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1739 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.