fortigate firewall how-to: web filtering
DESCRIPTION
This lesson wil show you how-to FortiGate Firewall allows you to block specific sites and also filter them on a content base. Stay with us!TRANSCRIPT
FORTIGATE FIREWALL HOW TOWEB FILTERING
www.ipmax.it
INTRODUCTIONIn order to control which web sites are reachable by your client devices, a web filteringpolicy is a must.FortiGate allows you to block specific sites and also filter them on a content base.
Some sites are accessible either through http or https, in the following slides we willshow you how to enable web filtering and URL blocking on both protocols.
CONFIGURING WEB FILTERING FOR HTTPIn order to block sites on a contentbase, a web filtering service profilemust be created.
Go to Security Profiles > Web Filter >Profile and, on the upper right corner,click on the «plus» button to create anew service profile.
Give a name to the new service profileand select Enable Web Site Filter incase you want to block specific URLs.Select FortiGuard Categories in caseyou want to block web sites accordingto their content.
CONFIGURING WEB FILTERING FOR HTTP -CONTINUED
If you have chosen to block sites by URL, on the table below click on the Create New button.Now you can specify which URL to block, for example *.libero.it, using * as a wildcardcharacter in order to block all subdomains of the site. Set the Type to Wildcard and theAction to Block.
You can also enable Web Filtering by content together with URL blocking.
CONFIGURING WEB FILTERING FOR HTTP -CONTINUED
If you have chosen to filter web pages by theircontent, you could specify which content isallowed and which one is blocked (see the pictureon the right). Then select apply to terminate theService Policy configuration.
As a last step, go to Policy > Policy > Policy andmodify the policy you are using to reach theInternet: enable Web Filtering and specify the justcreated Service Policy.
CONFIGURING WEB FILTERING FOR HTTPSTo enable web filtering for HTTPS too, go to Policy > Policy > SSL Inspection and select theplus icon in the upper right corner to create a new profile.
Give a name to the new profile and enable theHTTPS protocol.
Finally go to Policy > Policy > Policy and modifythe policy you are using to reach the Internet:enable SSL Inspection and specify the just createdService Policy.
IPMAX
IPMAX is a Fortinet Partner in Italy.IPMAX is the ideal partner for companies seeking quality in products and services. IPMAX guarantees method and professionalism to support its customers in selecting technologies with the best quality / price ratio, in the design, installation, commissioning and operation.
IPMAX srlVia Ponchielli, 420063 Cernusco sul Naviglio (MI) – Italy+39 02 9290 9171