I spend a lot of time allowing sites that I would regard as "positive" security sites such as certificate vendors, certificate trust list sites and others. Wouldn't it make sense not to list sites designed to make the web safer alongside software download sites?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Every web page belongs to a category. I'm not sure they are about to create a new category just for this.
Have you considered leveraging the ISDB? Verisign exists, digicert exists. This might be better suited to what you're trying to accomplish:
https://www.fortiguard.com/encyclopedia/isdb/9568408
It didn't think of that for this--already in use for every client because of 365, etc. Will add those--faster than overrides--thanks! BTW,
The website(s) you submitted below has been reviewed and updated:
Submission Date: Wed, 25 Jan 2023 15:57:57 -0800
URL: hxxp://crl[.]entrust[.]com/
Customer Comment: Site designed for web safety--should not be blocked.
Updated Category: Information Technology
Update Date: Wed, 25 Jan 2023 16:53:38 -0800
Are you commenting on web filter categories being too broad? What are some examples of sites that you need to exempt vs sites you want to block from a category that you are blocking?
Sites confirming the validity of certificates (digicert, ctl.microsoft.com)shouldn't be in the same category as sites like Verizon.com (Information Technology).
Information Technology | Information Technology peripherals and services, cell phone services, cable TV/Internet suppliers. | FULL SSL INSPECTION | SSL CERTIFICATE INSPECTION |
Information and Computer Security | Sites that provide information about or free downloadable tools for computer security, but not ordinary Freeware and Software downloading. |
I think I agree with you. You can always submit a classification request:
https://www.fortiguard.com/faq/wfratingsubmit
Created on 01-25-2023 05:24 PM Edited on 01-25-2023 05:30 PM
I have--but I was hoping not to have to request dozens of re-classifications manually. And I don't now that they will understand the distinction and remove the urls from a category. I don't know why they would have been placed in a category at all.
Every web page belongs to a category. I'm not sure they are about to create a new category just for this.
Have you considered leveraging the ISDB? Verisign exists, digicert exists. This might be better suited to what you're trying to accomplish:
https://www.fortiguard.com/encyclopedia/isdb/9568408
It didn't think of that for this--already in use for every client because of 365, etc. Will add those--faster than overrides--thanks! BTW,
The website(s) you submitted below has been reviewed and updated:
Submission Date: Wed, 25 Jan 2023 15:57:57 -0800
URL: hxxp://crl[.]entrust[.]com/
Customer Comment: Site designed for web safety--should not be blocked.
Updated Category: Information Technology
Update Date: Wed, 25 Jan 2023 16:53:38 -0800
That's great glad it'll work out for you. Please consider marking the actual response as a solution so people get credit for the post and other people searching can find it easier. :)
ALso, just out of curiosity what was crl.entrust.com categorized as before you got it updated to Information Technology?
I believe they just moved it from Information and Computer Security to Information Technology. Unfortunately there are only 3 OSCP entries in the ISDB and no direct ctl or ctrl entries.
So are you blocking all of Information and Computer Security category today?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.