We are seeing a lot of blocked and passing applications in the Security
Log > Application Control related to our domain controller server's IP.
Tor2Web, Opera Turbo, Win_Media, WhatsUp, Gtalk, etc. These events are
reported as originating (Source IP)...
I have found out recently that if i create new user profile on Windows
and start Forticlient there it carries over settings of another Windows
user using this machine. It is weird approach first of all. Most Windows
applications have unique per user ...
We have two old devices: Fortigate 111C and FortiAnalyzer 100B. They are
currently offline (as they have been replaced by other models). We are
going to try sell them via auction (being a public organization we have
such rules). But we need to safely...
I was able to replicate Tor2web match by going to http://onion.direct
and running search queries there. I can probably collect a few addresses
and put them into Wireshark filter and try running that for a month.
A little update. Today i was lucky to run Wireshark on DC when a few
application matches were logged by Fortigate. WhatsApp and Gtalk
applications. WhatsApp case - i see DNS queries:1. local workstation IP
-> DC IP querying for xxx.whatsapp.net serve...
I'm sorry, still puzzled about this. What i was able to find is that in
Web console > Security Profiles > Application Control there is a
policy/profile called USER_DEFAULT_APP which has Proxy category set to
blocking mode. I think this policy is appl...
I'm sorry. This was just out of frustration with Forti in general. I
wasn't sure this is users ONLY forums. It shows "customer service &
support" at the top after all, so i thought maybe Forti employees
oversee these forums. I'm not a very strong net...
