One of my clients wanted to block fb but without using ssl inspection as he didn't want to install the cert to 100s of his staff computers.
I explained that with that there would be no other way to get it done.
Then to convince the client I opened a fortinet ticket and got the same response that this can't be done without the ssl inspection and cert installation.
Now this guy hired some other service provider and those guys simply blocked social media signatures in app control and applied it to the policy and IT HAS WORKED.
It doesn't say "fortiguard blocked" but just keeps the loading icon spinning and fb doesn't load at all.
The whole situation is turning so embarrassing.
Please tell me if this is a proper workaround? Will this work in the long term? How is this even working, looks like the browser simply doesn't complete the request in some way.
Please any explanation here, thanks.