Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Explicit proxy address for specific domain extension



Our organization is requesting to disable all download of .exe and .msi files from any website except for URLs from the "" domain. I have read in the documentation you can create Explicit Proxy addresses with specific patterns to use as Destionation in the policy and then apply a DLP profile in it. However, I haven't been able to find if is possible to create a destionation address that would match only "" domains.


Please, if you have any documentation or note about how to create this address would be much appreciated.

Thanks in advance


Valued Contributor II

Would it be acceptable to create the DLP to block all exe and msi files, then just have your SSL Deep Inspection profile whitelist *


Hm... that could be a way but i was trying to avoid the install of the certificate. I will try it, thanks!.



Top Kudoed Authors