Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
trixxmanaty
New Contributor

Limit access to the AppStore

Dear All,

 

Please assist on how to limit access to the Apple AppStore on Fortigate 60D. I would like to allow staff to access the AppStore only after 1300hrs till 0600hrs then block access from 0700hrs till 1300hrs. 

 

Any help is greatly appreciated.

2 Solutions
Shawn_W
Contributor

vmartin_FTNT
Staff
Staff

Hi trixxmanaty,

 

In order to block the AppStore during 0700hrs till 1300hrs, you will need to create a policy that uses a schedule for that time period, and has an Application Control policy that uses the Apple.Store signature to block the AppStore. You will need another policy that does not block the AppStore, which will be used the rest of the time.

 

The policy that blocks the App Store should be higher in the policy list, to make sure it is applied to the right traffic.

Technical Writer, FortiOS

Let me know if there's anything you want to see added to the FortiGate Cookbook.

View solution in original post

6 REPLIES 6
Shawn_W
Contributor

vmartin_FTNT
Staff
Staff

Hi trixxmanaty,

 

In order to block the AppStore during 0700hrs till 1300hrs, you will need to create a policy that uses a schedule for that time period, and has an Application Control policy that uses the Apple.Store signature to block the AppStore. You will need another policy that does not block the AppStore, which will be used the rest of the time.

 

The policy that blocks the App Store should be higher in the policy list, to make sure it is applied to the right traffic.

Technical Writer, FortiOS

Let me know if there's anything you want to see added to the FortiGate Cookbook.

Christopher_McMullan

You'll also want to set the following parameter in the scheduled policy, to ensure sessions are subject to the other rule outside of that time (i.e., sessions opened until the App Store policy will not survive outside of that time range): set schedule-timeout enable

Regards, Chris McMullan Fortinet Ottawa

vmartin_FTNT
Staff
Staff

Because I thought this was an interesting use case, I wrote a recipe for it on the Cookbook site! Controlling access to Apple's App store

Technical Writer, FortiOS

Let me know if there's anything you want to see added to the FortiGate Cookbook.

FatalHalt

Cool to see the process of these troubleshooting threads be turned into documentation! 

vmartin_FTNT
Staff
Staff

I keep an eye on the forums to see if anything comes up that would be a good fit for a recipe.

Technical Writer, FortiOS

Let me know if there's anything you want to see added to the FortiGate Cookbook.

Labels
Top Kudoed Authors