Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
TimB_Unbound
New Contributor

'Reputable Websites' for SSL inspection

What defines a reputable website? 

 

With the new Reputable Websites option in 5.4.1 I'd really like to understand what actually defines a reputable website. I understand from the documentation that it is a "secure white list database" of "reputable domain names that cain be excluded from ssl deep inspection".

 

When working with something that can potentially poke a very large hole in my security fabric I'd really like a better understanding of exactly how this works. For any Fortinet staff, if this is something proprietary a general answer would be great..

 

Although I'm looking for a general answer I'm mostly concerned with how sites that include user content are handled. 

7 REPLIES 7
telecosistem
New Contributor

This new feature above 5.4 firmware help you to indicate a white list of websites. This database is syncrhonized through Fortiguard. On this way won't apply the SSL content for these websites.

 

Best regards,

 

Follow us: 

SSL Content - Fortinet en español. https://networkingcontrol.../ssl-content-fortinet/
TimB_Unbound

telecosistem, thanks for the input but it doesn't really help describe what this function would allow through unencrypted.

 

A couple cases that I would have thought should have been addressed - google.com and a couple core addresses used for Skype for Business - are both still being inspected with this option enabled. 

 

We should have better understanding of the what these products are actually doing. 

tmacca
New Contributor

+1 from me

 

I would like to know more about the 'reputable websites'

Where can I find out what sites are on this list? How is it maintained? What constitutes a 'reputable site'?

 

Thanks

 

gsarica

I could be wrong, but I believe it's the list in System -> Reputation. You can type in a site like www.google.com and see the reputation, maybe if it's listed as 'trusted' here it's passed through inspection?

tmacca
New Contributor

Hi gsarica, thanks for your response

 

I can't see that menu option? (600c running 5.2.8)

Where exactly do I find this?

 

TIA 

gsarica

Sorry we're running 5.4.2 like the OP, the option seems to be there for us. Not sure about 5.2.8.

sthampi_FTNT

Hello,

 

Looks like this post is very old, but answering this question so that it might help others.

 

Yes it is a white-list database, which is updated by our FortiGuard team. 

 

You can view the list of trusted URLs by navigating to System > Reputation > (search for trusted)

If you don't see the Reputation section under System tab, you will need enable "Domain & IP Reputation" field under "Feature Visibility"

 

GUI might not show the entire content, so you can send a monitor API request to retrieve the entire output in JSON format.

A sample API Request/Response:

 

http://10.5.25.31/api/v2/monitor/webfilter/trusted-urls?vdom=root

{
"http_method":"GET",
"revision":"2.00221(2018-11-13 08:05)",
"results":[
{
"includes_subdomains":0,
"url":"tsiss.com",
"url_length":9
},
{
"includes_subdomains":0,
"url":"ehipassikoschool.sch.id",
"url_length":23
},
{

..........................................
..........................................
  ],
"vdom":"root",
"path":"webfilter",
"name":"trusted-urls",
"status":"success",
"serial":"FGVM010000052771",
"version":"v6.0.2",
"build":163
}