2. INTRODUCTION
In order to control which web sites are reachable by your client devices, a web filtering
policy is a must.
FortiGate allows you to block specific sites and also filter them on a content base.
Some sites are accessible either through http or https, in the following slides we will
show you how to enable web filtering and URL blocking on both protocols.
3. CONFIGURING WEB FILTERING FOR HTTP
In order to block sites on a content
base, a web filtering service profile
must be created.
Go to Security Profiles > Web Filter >
Profile and, on the upper right corner,
click on the «plus» button to create a
new service profile.
Give a name to the new service profile
and select Enable Web Site Filter in
case you want to block specific URLs.
Select FortiGuard Categories in case
you want to block web sites according
to their content.
4. CONFIGURING WEB FILTERING FOR HTTP -
CONTINUED
If you have chosen to block sites by URL, on the table below click on the Create New button.
Now you can specify which URL to block, for example *.libero.it, using * as a wildcard
character in order to block all subdomains of the site. Set the Type to Wildcard and the
Action to Block.
You can also enable Web Filtering by content together with URL blocking.
5. CONFIGURING WEB FILTERING FOR HTTP -
CONTINUED
If you have chosen to filter web pages by their
content, you could specify which content is
allowed and which one is blocked (see the picture
on the right). Then select apply to terminate the
Service Policy configuration.
As a last step, go to Policy > Policy > Policy and
modify the policy you are using to reach the
Internet: enable Web Filtering and specify the just
created Service Policy.
6. CONFIGURING WEB FILTERING FOR HTTPS
To enable web filtering for HTTPS too, go to Policy > Policy > SSL Inspection and select the
plus icon in the upper right corner to create a new profile.
Give a name to the new profile and enable the
HTTPS protocol.
Finally go to Policy > Policy > Policy and modify
the policy you are using to reach the Internet:
enable SSL Inspection and specify the just created
Service Policy.
7. MORE NEEDS?
See hints on www.ipmax.it
Or email us your questions to info_ipmax@ipmax.it
8. IPMAX
IPMAX is a Fortinet Partner in Italy.
IPMAX is the ideal partner for companies seeking quality in products and
services. IPMAX guarantees method and professionalism to support its
customers in selecting technologies with the best quality / price ratio, in the
design, installation, commissioning and operation.
IPMAX srl
Via Ponchielli, 4
20063 Cernusco sul Naviglio (MI) – Italy
+39 02 9290 9171