Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
clarkg
New Contributor

Rate URL' s by domain and IP address question

So we block the web hosting category for our users. I also have the check box for rate url' s by domain and IP address checked. Lately alot of users, when they try to go to some pages (not sure exactly which ones) get blocked from the sites. In the URL, it has the IP address of the site that is blocked, and the category is webhosting. When I do an nslookup of the ip addresses, they are all either akamai.net or akamaitechnologies.com, which I know are backend servers for alot of sites. So what I have been doing is putting in a ratings override for the IP address into a category that is allowed. If I understand correctly, even though I put in the rating override, if the URL is in a category that is allowed, it will then allow the site. However, if it is something that isn' t, like facebook, it will still block it? Correct?
1 Solution
billp
Contributor

I consider the " rate URLs by domain and IP address" a legacy setting that doesn' t apply well to the modern Web. Too many sites resolve to the same IP and you will get a flood of false ratings. It might help if you describe what you are trying to achieve by blocking hosting sites. It eliminates a significant portion of the web. The Fortiguard website rates Akamai as a Content Server which is different than the Web Hosting rating. What version of FortiOS are you running?

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1

View solution in original post

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
3 REPLIES 3
billp
Contributor

I consider the " rate URLs by domain and IP address" a legacy setting that doesn' t apply well to the modern Web. Too many sites resolve to the same IP and you will get a flood of false ratings. It might help if you describe what you are trying to achieve by blocking hosting sites. It eliminates a significant portion of the web. The Fortiguard website rates Akamai as a Content Server which is different than the Web Hosting rating. What version of FortiOS are you running?

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
mbrowndcm
New Contributor III

From what I' ve seen, FortiGuard actually secures on the side of un-security when it comes to this setting. Example: youtube.com' s IP space === google.com' s IP space. Without blocking HTTPS, but blocking Streaming & Media, *youtube.com is blocked over HTTP, but over HTTPS it is not. facebook.com' s IP space === facebook.com' s IP space. Blocking Social Networking, *facebook.com is blocked over HTTP and HTTPS.
" …you would also be running into the trap of looking for the answer to a question rather than a solution to a problem." - [link=http://blogs.msdn.com/b/oldnewthing/archive/2013/02/13/10393162.aspx]Raymond Chen[/link]
" …you would also be running into the trap of looking for the answer to a question rather than a solution to a problem." - [link=http://blogs.msdn.com/b/oldnewthing/archive/2013/02/13/10393162.aspx]Raymond Chen[/link]
billp
Contributor

Interesting. I haven' t used it in a while. The last time I tried it, my users were getting unpredictable results -- or it at least seemed unpredictable to me -- so I disabled it. It was probably over a year (or two) ago, so my experiences are definitely dated. I' d be curious if/how others are using this setting.

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1

Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
Labels
Top Kudoed Authors