We want to filter our certain web sites with our Fortigate, preventing internal machines from reaching these sites. Must we have outgoing and incoming rules? It would seem that we would only need outgoing rules. However, in a typical firewall if you have no rules there is an implicit " deny all" rule. From what I read, Fortigate is the same way. So, must I have an explicit " allow all" rule for incoming, and then all my filtering profiles go in outgoing rules? Or can I get by with no incoming rules at all?
Mitch
Fortigate-300A 4.00 (MR3 Patch5)
Fortigate-200B 4.00 (MR3 Patch5)
Fortigate-50B 4.00 (MR3 Patch6)
FortiAnalyzer 100C (MR3 Patch1)