Folks,fireware: 5.6.4I am trying to understand the Fortigate
documentation; however, I have been finding mix resources. I need to
create an allow list for only specific domain names and wildcard FQDN
entries. I noticed I can create these entries in t...
Looking over the documentation - it appears EXEMPT is not the best
solution in my case, since it does not do AV
policy.http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-security-profiles-54/Web_Filter/Static%20URL%20Filter.htm
sw2090 wrote:At least in static URL Filter: yes allow does not stop the
engine from processing on. Exempt does. Thank you - I did not know that.
I do have an official ticket open, so when I get an answer I will update
the forum.
sw2090 wrote: First please do not use allow if you have rules below this
rule (which you have - at least the block all rule). In this case you
must use exempt to have the filter stop once the allow rule is hit.
Allow would not stop the filter so it w...
sw2090 wrote:Hiho, the Fact that you need Wildcards in your FQDN in my
opinion limits you to one option: url-filter.Whitelisting in
Rating-Overrides of the Webfilter does not support wildcards!The URL
Filter does support wildcards. So you could eithe...
emnoc wrote:Hmm..... it all depends. Here's my thoughts 1: if FAZ goes
down or your connection is down you have no logs 2: ideally you log into
two places ( FAZ and SYSLOG ) 3: As you noted, logging to disk is and
resource eating event and why would ...
