We have a basic policy to allow everything, but with Application Control and Intrusion Protection profiles, and already above we added prohibiting policies to specific addresses that are prohibited to clients or who attacked us. But now we are asked to test the possibility of adding a whitelist of sites that will never be blocked and automate the process of updating this list. Can I just create a Web Filter profile and add addresses there with the Allow action so that I can then apply it to the main policy? Won't this block all other addresses? How to automate it?
The documentation on this topic says "URLs with an action set to exempt are not scanned for viruses", but I think this is a significant decrease in the security of our network. We need FortiGate to protect us from traffic even from these sites, but not block access to them... As if creating additional confidence that we will not accidentally block them by pursuing a policy from above.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.