00:00
>> In this video, you will use
00:00
application control to track applications on
00:00
your network and enhance security
00:00
by restricting certain applications.
00:00
The FortiGate database
00:00
categorizes applications by category,
00:00
technology, popularity, and risk.
00:00
In this example, you will block BitTorrent,
00:00
a high-risk file-sharing application
00:00
that is part of the peer-to-peer category.
00:00
You will also block access to
00:00
the most popular application, YouTube.
00:00
the required security features are enabled.
00:00
Go to "System", "Config", "Features".
00:00
Enable "Application Control".
00:00
Enable "Multiple Security Profiles"
00:00
and apply the changes.
00:00
Next, go to "Security Profiles",
00:00
"Application Control" and edit the default profile.
00:00
A list of application categories are shown.
00:00
By default, the FortiGate monitors most applications.
00:00
Select "All Other Known
00:00
Applications" and set it to "Monitor".
00:00
Also set "All Other Unknown Applications" to "Monitor".
00:00
Enable "Deep Inspection of Cloud
00:00
Applications" to allow web-based applications,
00:00
such as video streaming to
00:00
be monitored by your FortiGate.
00:00
Go to "Policy & Objects", "Policy",
00:00
"IPv4" to enable application control
00:00
with the default profile you just modified.
00:00
Edit the policy that allows
00:00
connections from the internal network to the Internet.
00:00
Under "Security Profiles" enable
00:00
"Application Control" and use the default profile.
00:00
Enabling application control
00:00
automatically enables SSL inspection.
00:00
Set "SSL Inspection" to "deep-inspection".
00:00
This may cause certificate warnings.
00:00
Go to "System" "FortiView"
00:00
"Applications" and select 24-hour
00:00
to see the traffic your FortiGate is processing.
00:00
The list is organized by application.
00:00
Double-click on an entry to learn
00:00
more about a specific application.
00:00
You can see traffic sources,
00:00
destinations, threats, and individual sessions.
00:00
Now go to "System" "FortiView",
00:00
"Cloud Applications", and select
00:00
24-hour to see Cloud application traffic.
00:00
With Cloud applications,
00:00
you can also see which videos have been viewed.
00:00
To block the BitTorrent and YouTube
00:00
traffic shown in the FortiView dashboard,
00:00
go to "Security Profiles" "Application Control".
00:00
BitTorrent is a peer-to-peer file-sharing application.
00:00
Set the peer-to-peer category to "Block".
00:00
Now add an application override signature
00:00
Search for YouTube and
00:00
select all the signatures that are shown.
00:00
Then click "Use Selected Signatures".
00:00
The signatures are added to
00:00
the application override's list
00:00
where they are automatically blocked.
00:00
Enable "Deep Inspection of Cloud Applications".
00:00
Go to "Policy & Objects", "Policy",
00:00
"IPv4" to add the new profile to the security policy.
00:00
Edit the policy that allows connections
00:00
from the internal network to the Internet.
00:00
Set "Application Control" to use the new profile.
00:00
Open a web browser and go to youtube.com.
00:00
An application blocked warning message appears.
00:00
Attempt to download a BitTorrent file.
00:00
Then go to "System" "FortiView", "All Sessions",
00:00
and look at the dashboard to see how traffic
00:00
from BitTorrent applications is also blocked.
00:00
Select the 24-hour view,
00:00
and filter the traffic by application to
00:00
see a list of BitTorrent security events.
00:00
Thank you for watching.
00:00
For more information you can access
00:00
Fortinet's documentation library at docs.fortinet.com.
00:00
For more information about preventing
00:00
SSL inspection certificate warnings,
00:00
check out this video.