We have a basic policy to allow everything, but with Application Control and Intrusion Protection profiles, and already above we added prohibiting policies to specific addresses that are prohibited to clients or who attacked us. But now we are asked to test the possibility of adding a whitelist of sites that will never be blocked and automate the process of updating this list. Can I just create a Web Filter profile and add addresses there with the Allow action so that I can then apply it to the main policy? Won't this block all other addresses? How to automate it?
With respect,
Daniil Dubosarskij
cit.rkomi.ru
Im not sure for automation, but choosing between allow and exempt websites I would rather select Exempt as an action.
Pls see below link detailed info regarding URL Web Filter action.
Difference between allow and exempt in web filter - Fortinet Community
The documentation on this topic says "URLs with an action set to exempt are not scanned for viruses", but I think this is a significant decrease in the security of our network. We need FortiGate to protect us from traffic even from these sites, but not block access to them... As if creating additional confidence that we will not accidentally block them by pursuing a policy from above.
With respect,
Daniil Dubosarskij
cit.rkomi.ru
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.