Name: Fortinet FortiGate Series
Brand: Fortinet
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Firewall Protection Profile Configuring a protection profile

FortiGate Version 4.0 MR1 Administration Guide

01-410-89802-20090903 493

http://docs.fortinet.com/ • Feedback

Figure 281: Protection Profile IPS options

Web Filtering options

Web filtering sorts millions of web pages into a wide range of categories that you can

allow, block or monitor. Content block uses words and patterns to block web pages

containing the words or patterns, URL filtering uses URLs and URL patterns to exempt or

block web pages from specific sources, and FortiGuard web filter provides many

additional categories by which to filter web traffic. In some instances, users may require

access to web sites that are blocked by a policy. An administrator can give the user the

ability to override the block for a specified period of time. For more information about

overrides, see “Web Filter” on page 549.

You can configure web filtering for HTTP and HTTPS traffic. If your FortiGate unit supports

SSL content scanning and inspection and if you have set HTTPS Content Filtering Mode

in the Protocol Recognition part of this protection profile to Deep Scan, you can select the

same web filtering options for HTTPS and HTTP. For more information, see “SSL content

scanning and inspection” on page 481 and “Protocol recognition options” on page 487.

Filters defined in the web filtering settings are turned on through a protection profile. To

configure web filtering options, go to Firewall > Protection Profile. Select Create New to

add a protection profile, or the Edit icon beside an existing protection profile. Then select

the Expand Arrow beside Web Filtering, enter the information as described below, and

select OK.

Figure 282: Protection Profile Web Filtering options

IPS Select to enable and use the specified IPS sensor.

You cannot select denial of service (DoS) sensors through this option. For information on

configuring DoS sensors, see “DoS sensors” on page 545.

Note: Protection profile web filtering also includes FortiGuard Web Filtering. For

information about FortiGuard Web Filtering, see “FortiGuard Web Filtering options” on

page 495.

Note: If your FortiGate unit does not support SSL content scanning and inspection, or if you

have set HTTPS Content Filtering Mode to URL Filtering, you can only select URL filtering

and blocking invalid URLs for HTTPS.

Fortinet FortiGate Series Administration Guide

Other manuals for Fortinet FortiGate Series