Basic Web Filtering

Video Activity

In this video, you will learn how to use a URL filter to block access to a specific website: Facebook, and it's subdomains. When you enable the FortiGuard Categories to allow access to a particular type of content, such as Social Networking, you can still prohibit the use of specific websites within that category. Visit Fortinet's documentation lib...

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
1 hour 35 minutes
Difficulty
Beginner
CEU/CPE
2
Video Description

In this video, you will learn how to use a URL filter to block access to a specific website: Facebook, and it's subdomains. When you enable the FortiGuard Categories to allow access to a particular type of content, such as Social Networking, you can still prohibit the use of specific websites within that category. Visit Fortinet's documentation library at http://docs.fortinet.com

Video Transcription
00:00
>> In this video, you will learn how to use
00:00
a URL filter to block access to a specific website,
00:00
Facebook, and its subdomains.
00:00
When you enable the FortiGuard Categories to
00:00
allow access to a particular type of content,
00:00
such as social networking,
00:00
you can still prohibit the use of
00:00
specific websites within that category.
00:00
First, go to system dashboard status
00:00
and verify your FortiGuard services subscription.
00:00
If you have an active subscription in
00:00
the license information widget you will see
00:00
a green check-mark beside FortiGuard web filtering.
00:00
Next, go to security profiles
00:00
web filter and edit the default web filter.
00:00
Set inspection mode to proxy.
00:00
Enable FortiGuard categories.
00:00
You can set these categories to allow, block,
00:00
monitor, warn, or
00:00
authenticate depending on the type of content.
00:00
To learn more, go to the FortiGuard centers
00:00
web filtering rating page at FortiGuard.com.
00:00
Enter a website URL to find out its category rating.
00:00
Facebook is in the social networking category.
00:00
To prohibit visiting
00:00
one particular social networking site in that category,
00:00
scroll down and enable the static URL.
00:00
Create a new filter and enter
00:00
the URL of the website you wish to block.
00:00
To block all subdomains of a website,
00:00
set type to wild-card.
00:00
Use an asterisk as a wildcard character.
00:00
Set action to block and set status to enable.
00:00
Go to policy and objects
00:00
policy SSL inspection to
00:00
verify your SSL inspection profile settings.
00:00
You will enable SSL inspection to prevent
00:00
HTTPS access to the website
00:00
>> you are attempting to block.
00:00
>> Select the certificate inspection profile,
00:00
ensure that CA certificate is set to
00:00
the default Fortinet CA_SSL proxy.
00:00
Ensure inspection method is
00:00
set to SSL certificate inspection to
00:00
avoid the potential certificate errors
00:00
that may occur with full SSL inspection.
00:00
Enable SSH deep scan.
00:00
Go to policy and objects, policy IPv4,
00:00
and create a new policy that uses the web filter and
00:00
SSL inspection profile that you created earlier.
00:00
Set the incoming interface to the internal interface.
00:00
Set the outgoing interface
00:00
to the internet-facing interface.
00:00
Ensure NAT is enabled.
00:00
Under security profiles, enable
00:00
web filter and select the default web filter.
00:00
This automatically enables SSL/SSH inspection.
00:00
Select certificate inspection from the drop-down menu.
00:00
Ensure that your policy is at the top of the list.
00:00
To move your policies,
00:00
simply click and drag the far left
00:00
>> column of the policy.
00:00
>> Open a browser and visit
00:00
the website that you're attempting to block.
00:00
In this case, facebook.com,
00:00
to ensure that your web filter
00:00
successfully blocks HTTP access.
00:00
A FortiGuard webpage,
00:00
blocked page should appear.
00:00
Sub-domains of Facebook are also
00:00
blocked because the wildcard filter was used.
00:00
Verify that HTTPS access is also blocked by the
00:00
SSL/SSH inspection profile that you created.
00:00
A webpage blocked page should appear.
00:00
Thank you for watching.
00:00
For more information.
00:00
You can access Fortinet's documentation library
00:00
at Docs.fortinet.com.
Up Next