I’m wondering if anyone has come across this issue and if there are any ideas on how to only make the replacement message only appear if someone tries to directly access a social networking and just silently block social networking content brought in from allowed sitesWe have exactly the same issue and have raised a TAC request for this. I' ll update when I get a response
I was thinking, maybe you can ' play' with both webfilter and application filter. In application filter you can block facebook applications itself instead of URL filtering like *facebook* as a wildcard.I have played with the application filter somewhat, but it' s not really effective for us as we don' t have any sort of SSL inspection going on and most of the social networking traffic is encrypted (I think this is the issue anyway?)
You could also potentially look at editing the replacement messages with a simple text message that might be less intrusive.This is exactly what I had done, I made a small box that appears saying the content has been blocked and used a little JavaScript to make the message disappear when clicked. :)
One of our guys fixed this today - here is the solution: Block Social Networking - under web filter profile Tick Enable Website Filter - under the policy above Add the following entry: www.facebook.com/plugins/like.php Simple Exempt Enable Save & retestThat' s a great suggestion and I have done just that! It has greatly improved the issue and made most sites at least more readable. Thanks again everyone for the input!
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.