Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Zin
New Contributor

ForiSASE Security Profile

I am just wondering if someone is aware the order of security profile processing in FortiSASE? What i am trying to understand is if URL filtering gets processed before the CASB App profile? Or does the App profile gets processed first?

Is there a order in terms of how this is processed. I am aware in terms of how security policy is processed but not too sure around the security profile order.

2 REPLIES 2
Dhruvin_patel

Greetings!

 

The order of security profile processing in FortiSASE is as follows:

 

1. URL Filtering: This profile is processed first in the sequence.

2. CASB Application Control Profile: The CASB Application Control profile is processed after URL Filtering.

 

By following this order, URL Filtering is applied before the CASB Application Control profile during the security profile processing in FortiSASE. This ensures that URL filtering rules are enforced before the CASB application control policies are evaluated.

 

Best Regards!

Dhruvin Patel
Zin
New Contributor

Hello Dhruvin,

 

Thanks for your response. What i would like to clarify is the following:

 

Lets assume that i would like a group of users to only access Googledrive (Url filter applied as well as CASB to allow this) but thats it.

They need to go to the next rule for further processing to access other URL, maybe facebook etc.

 

But now that a security profile has URL filter applied to it and the above rule only allows google drive but blocks others FortiSASE doesnt process any rules further.

 

Whats the best way to get around this use case where you only want to allow google drive only but move to next rule for further processing and a User can be part of multiple SSO group.

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors