Scribd
Upload
1 views

Fortinet_Class_6

Uploaded by

chacheng.trading
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
1 views

Fortinet_Class_6

Uploaded by

chacheng.trading
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 17

“Establishment of Secure Network Using FortiGate Firewall”

Class:06

Trainer:

Md. Ziaur Rahman


BSc Eng. In EEE, MSc in Computer Science.
CISM,CCNP-Security, JNCIP(R&S,SEC,DC), PCNSE, Fortinet(NSE-4,5&7) & Sophos Architect.
Web Filtering Configuration:
System > Feature Visibility. Under Security Features, enable Web Filter. Under Additional Features,
enable Multiple Security Profiles.

.
Web Filtering Configuration:

Sample topology

.
Web Filtering Configuration:
FortiGuard category based filter

.
Web Filtering Configuration:
Custom category Configuration
To create a new category for a group of web sites:
 Go to Security Profiles > Web Rating Overrides.
 Select Custom Categories.
 The Custom Categories window opens.
 Select Create New.
 Enter the name of the custom category.
 Select OK.
.

.
Web Filtering Configuration:
Custom category Configuration
Assign your desire website in your created category

.
Web Filtering Configuration:
Lab_11

i) Create a Custom Category As Per Your NAME


ii)Override an website in your category.
iii) Take “ACTION” in your created web-filter profile
iv) Also take action on other custom category

.
Web Filtering Configuration:

Security Profiles > Web Filter and click Create New> Static URL Filter section >enable URL Filter.

.
Web Filtering Configuration:
Web Filter Profile Creation: Security Profiles > Web Filter and select “+”
Enter a Name for the profile. Under Static URL Filter, enable URL Filter.
=>Simple: A simple URL-Filter entry could be a regular URL
Example: www.fortinet.com /URL: fortinet.com

=>Wildcard OR Regular Expression: A wildcard can be used to include one or more URLs to a simple URL
Example: I ) *.fortinet.com (everything before ".fortinet.com" will match this rule, like
support.fortinet.com)
II ) URL: www.fortinet.com/* (everything after "www.fortinet.com/" will match this rule, like
www.fortinet.com/contact)
III) If enter *fa* in the URL field, it matches all the content that has “fa” .www.facebook.com,
message.facebook.com, fast.com, etc.
IV) "/i" symbols means: makes the pattern case sensitive. For example:"/FORTINET/i" will not .
match with "fortinet"

Action:
Block: Denies or blocks attempts to access any URL matching the URL pattern.
Allow: The traffic is passed to the remaining FortiGuard web filters
Monitor: The traffic is processed the same way as the Allow action. For the Monitor action, a log message is
generated each time a matching traffic pattern is established.
Exempt: The traffic is allowed to bypass the remaining FortiGuard web filters
Web Filtering Configuration:
• Go to Policy & Objects > Firewall Policy.
• Edit the policy that you want to enable the web filter.
• In the Security Profiles section, enable Web Filter and select the profile you created.

.
Web Filtering Configuration:
Output in Browser

.
Web Filtering Configuration:
Log & Report > Web Filter

.
Application Control Configuration:
Category Based App Control: Security Profiles > Application Control
In Categories>Dropdown of actions:
• Allow
• Monitor
• Block
• Quarantine

.
Application Control Configuration:
Application Overrides: Security Profiles > Application Control>Application Overrides

.
Application Control Configuration:

Filter Overrides: Security Profiles > Application Control>Filter Overrides


Filters can be selected by behavior, application category, technology, popularity, protocol, risk,
or vendor subtypes.

.
.

You might also like