Application Control provides a configuration option for handling
'unknown' and 'other' applications[ul]set other-application-action
passset unknown-application-action pass[/ul]What is the difference
between unkown and other? best regardsAndreas
We have recently upgraded to FortiOS 5.4.8 and want to use the
DNS-Filter. I have configured a DNS-Filter and applied it to the
corresponding firewall policy. Beside some Monitor or Block settings for
some categories the DNS-Filter is configured to l...
Hi, we encouter problems with the AV-updates of FortiClient. Update
failed! network error! says the log. anyone else with the same problem?
regards, Andreas
Since some time the AV-update of our FortiClients fails. We use the
default server. The FortiClient obviously connects to 209.222.136.16
when the update is started. A TCP connection can be established, but no
data is transmitted. After some time the ...
Block known malicious IP addresses can be done via CLI per interface or
per policy: config sys interface , edit XXX ORconfig firewall policy,
edit XXX # set scan-botnet-connections disable Do not scan connections
to botnet servers. block Block connec...
IPS has limited capabilities for SSL traffic without Deep Inspection.SSL
Certificate inspection, which is mandatory in FortiOS 5.6 and above
helps for signatures who are based on hostname/domains or SSL/TLS
related indicators. However we don't do dee...
Some more words on this one: FTNT has several modules for Botnet / C2
Detection and Prevention: Botnet IP DatabaseBotnet Domain DatabaseIPS
Botnet SignaturesWebfilter Category Malicious WebsitesApplication
Control Botnet (up to FortiOS 5.4) I raised ...
Fortinet is mixing up the detection and prevention of botnet / C2
traffic to several modules. In FortiOS 5.4 there was the category
'botnet' in Application Control. This has been poorly moved to IPS in
FortiOS 5.6 without building a new category. I h...
