Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

cbraafhart
New Contributor

FortiEMS with synced profiles

Dear Forums,

i am currently testing and setting up our FortiiEMS within our environment, but i am currently using synchronized profiles from our fortigate. Nothing too difficult. I am currently using it this way due to the missing options of not being able to limit users with quotas on fortiEMS. Fortigate gives you the option to limit users on specific FortiGuard categories.

There is one setting i am currently trying to allow traffic but can't seem to find it on my fortigate. i have the Unrated category set to allow and block malicious URL's discovered by FortiSanbox disabled.

What i am trying to avoid is, users getting errors on websites that fall under the category Unknown.

What i could understand from people getting the same error they corrected it by editing the XML file and allowing the following line(bolted):

<fortiguard>
<enabled>1</enabled>
<rate_ip_addresses>0</rate_ip_addresses>
<use_https_rating_server>0</use_https_rating_server>
<use_legacy_fdn>1</use_legacy_fdn>
<action_when_unavailable>deny</action_when_unavailable>
<restrict_services_to_regions></restrict_services_to_regions>
</fortiguard>

They have switched this to allow.

My question is, is there a way to set this to allow on the fortigate and not within the XML file?

0 REPLIES 0