Dear All,
Any one can help, can we use static url and web override at the same time within the same web filter profile
Thanks
You should be able to. The URL filter table action for a site is applied before FortiGuard categories/overrides. If you allow a site in a filter list, it will be subjected to the category action or override you specify under the ftgd-wf (FortiGuard) settings. If you exempt a site, no further scanning is performed.
As long as you don't exempt a site, you should be alright.
Regards, Chris McMullan Fortinet Ottawa
hi thank for your reply. what did really mean the exempt in static url. what really will take precedence static url or web overide
Thanks
I just tested the following:
URL filter entry for www.fortinet.com (simple, not wildcard or regex). I originally set the action to Block.
I added the table to a webfilter profile affecting my test host. The site was blocked.
I added an override for www.fortinet.com, so that it appeared as Travel under General Interest - Personal, and set a Warning action for the category, and applied the change to the profile. When I reloaded www.fortinet.com, I was prompted with a warning, as expected.
URL filter table actions are applied first, followed by FortiGuard web filter actions, followed by web content profiles, followed by advanced profile functions, followed by A/V scanning. Each will be applied in turn if the step before does not result in an outright block. Allowing a site in a URL filter will mean the traffic is still subject to:
1. FortiGuard web filtering
2. Web content filtering
3. Advanced filtering
4. A/V scanning
in that order.
If, however, you exempt www.fortinet.com access from further inspection in the URL filter, then *no* further inspection is carried out: no FortiGuard category actions (or overrides), no content filtering, no advanced filters, and no A/V scanning.
It's useful for troubleshooting, or as a workaround if one of the other features still performed is causing issues with particular sites.
Regards, Chris McMullan Fortinet Ottawa
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.