Can you please help me to understand how the custom URL works in fortigate?
I have a scenario like below , please help.
1. https://prod.company.com/sitea --- Allow ( IP 18.104.22.168)
2. http://dev.company.com:9898/sitea -- Allow
( Only these 2 above sites needs to be allowed from the highly protected network)
Rest all including ,
3. https://prod.company.com ( IP 22.214.171.124)
6. "*.company.com" should be blocked at our end. But the challenge here is both allow and deny URL's having same IP. In such scenario how does a brilliant Fortigate take a decision?
1. Basically how does a fortigate determines a http & https traffic belongs to a particular category / URL filter?
1.a - Which field of packets does it inspect to get the details ( CN / SNI / ?? )
2. How can I create a URL filtering profile for the above scenario? Will the below work?
https://prod.company.com/sitea -- simple - allow
http://dev.company.com:9898/sitea --- simple --allow
*.* -- wildcard -- Block
Thank You in advance.. :)