FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vjoshi_FTNT
Staff
Staff
Article Id 197319
Description
This article shows how to set up application control on v5.2.  It gives an example showing how to block a specific application and allow all other applications.

Solution
In this example, the GUI is used to block just Apple Store.

1) Click on Security Profiles > Application Control.  In the extreme right corner, use the ‘+’ icon to create a new application control list, alternatively, use the existing default.

In this example, a new application control list with a name of ‘Block Apple Store’ is created.

2) Under Application Overrides, click on ‘Add Signatures’ and search for the application name which is to be blocked.
vjoshi_100111_tn_100111-1.jpg
3) Select the required application and set the required action (in this case it is block, but this section can be used to override the action set on each category.
vjoshi_100111_tn_100111-2.jpg

4) Click on Policy under Objects > Policy > IPV4.  Select the source and destination interfaces along with the source and destination subnets as needed.

5) Enable UTM, and select the Application control list which was created earlier.

6) Select ‘SSL/SSH Inspection’ as default and choose deep-inspection if HTTPS traffic is to be inspected as well.

Contributors