Hi
I have a problem of designe between application control and web filter
i have a machine that i want to
- make update through apt-get
- acces to specific url
i have application control with apt update and it works
but as soon as i apply my welb filterting to the only specific adress i want to allow the apt update doesn't work anymore.
what are the relation vetween web filter and application control?
I will start with the last question since it is a quick and short one.
>>Also can FGT match against SNI if no SSL decryption done? A) in WebFilter B) in Application Control
Yes. Use certificate-inspection instead of deep-inspection.
>>WebFilter matching. http://2abc.abc.com:888/a..om/abc?ed.harris=5#tag2 scheme:[//[user:password@]host[:port]][/]path[?query][#fragment] What are the recommendations from Fortinet on how to define the regex that it does not is to heavy.
The URL has distinct characters to separate each parts like "://", ".", ":", "/", "?", "#". These are straight forward delimiters to use to separate scheme, user, password, host, port, path, query and fragment.
For the actual names, you do not need to use '.'. You can do something like [a-zA-Z0-9]{x,y} if you want to set a min limit or max limit. That way instead of checking for all hex characters, you limit the check to printable chars that are used in a string. If more special characters could appear like "ed.harris=5", you can add '.' and '=' into the character class for that section.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.