- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
DNS Security Profile blocks safe domains
Why the DNS Security Profile Blocks Domains that are safe,
how does the DNS profile marks a domain as unsafe?
FortiGate
- Labels:
-
FortiGate
-
FortiGuard
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It gets its data from FortiGuard. More importantly though what categories do you have allowed/blocked in the DNS inspection profile?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @SCHMIEDER_Operator ,
You may go through the below link to view under which category the respective domain is categorized
https://www.fortiguard.com/services/sdns
If you believe the domain is wrongly categorized, please raise a case with Fortinet support for further analysis.
If the domain is rightly categorized, and you have allowed the category in dns filter, but still the domain is blocked, could you share the dns profile you are referring to and also the dns filter logs.
-AK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It depends on the category of the domain and the action set under the DNS filter. You can follow this article to whitelist it: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Static-DNS-filter-to-allow-block-DNS-queri...
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The DNS Security Profile aims to strike a balance between security and accessibility. While it can occasionally block safe domains due to the factors Categorization Errors, Dynamic Content, False Positives, and Algorithmic Analysis, it's a valuable tool in protecting your network from potentially malicious or unsafe content. Regularly reviewing and fine-tuning your configuration can help ensure that it works effectively while minimizing false positives.