Web Security/Web Filter
Web Security/Web Filter allows you to block, allow, warn, and monitor web traffic based on URL category or custom URL filters. URL categorization is handled by the FortiGuard Distribution Network (FDN). You can create a custom URL filter exclusion list which overrides the FDN category.
When a FortiClient endpoint is connected to FortiGate/EMS, the Web Security tab becomes the Web Filter tab in the FortiClient console.
Enable/disable Web Security/Web Filter
For FortiClient in standalone mode, you can enable, disable, and configure web security by using the FortiClient console. You can define what sites are allowed, blocked, or monitored, and you can view violations.
For FortiClient in managed mode, an administrator enables, disables, and configures Web Filter by using a FortiClient profile. See FortiClient profiles on page 29.
Enable/disable Web Security
This setting can only be configured when FortiClient is in standalone mode.
To enable or disable Web Security:
- On the Web Security tab, toggle the Enable/Disable link in the FortiClient console. Web Security is enabled by default.
The following options are available:
Enable/Disable | Select to enable or disable Web Security. |
Configure Web Security profiles
X Violations (In the Last 7 Days) | Select to view Web Security log entries of the violations that have occurred in the last 7 days. |
Settings | Select to configure the Web Security profile, exclusion list, and settings, and to view violations. |
Enable/disable Web Filter
This setting can only be configured when FortiClient is in managed mode. When FortiClient is connected to a FortiGate/EMS, the Web Security tab will become the Web Filter tab.
A FortiClient profile can include a Web Filter profile from a FortiGate or EMS.
On a FortiGate device, the overall process is as follows:
l Create a Web Filter profile on the FortiGate, l Add the Web Filter profile to the FortiClient Profile on the FortiGate.
On EMS, web filtering is part of the endpoint profile.
Configure Web Security profiles
This setting can only be configured when FortiClient is in standalone mode.
You can configure a Web Security profile to allow, block, warn, or monitor web traffic based on website categories and sub-categories.
Edit Web Security exclusion lists Web Security/Web Filter
To configure web security profiles:
- On the Web Filter tab, click the Settings
- Click a site category.
- Click the Action icon, and select an action in the drop-down menu.
The following actions are available:
Allow | Set the category or sub-category to Allow to allow access. |
Block | Set the category or sub-category to Block to block access. The user will receive a Web Page Blocked message in the web browser. |
Warn | Set the category or sub-category to Warn to block access. The user will receive a Web Page Blocked message in the web browser. The user can select to proceed or go back to the previous web page. |
Monitor | Set the category or sub-category to Monitor to allow access. The site will be logged. |
You can select to enable or disable Site Categories in the Web Security settings page. When site categories are disabled, FortiClient is protected by the exclusion list.
- Click OK.
Edit Web Security exclusion lists
This setting can only be configured when FortiClient is in standalone mode.
You can add websites to the exclusion list and set the permission to allow, block, monitor, or exempt.
Edit Web Security exclusion lists
To manage the exclusion list:
- On the Web Security tab, click the Settings
- Click the Exclusion List
- Click the Add icon to add URLs to the exclusion list.
If the website is part of a blocked category, an allow permission in the Exclusion List would allow the user to access the specific URL.
- Configure the following settings:
Exclusion List | Select to exclude URLs that are explicitly blocked or allowed. Use the add icon to add URLs and the delete icon to delete URLs from the list. Select a URL and select the edit icon to edit the selection. |
URL | Enter a URL or IP address. |
Type | Select one of the following pattern types from the drop-down list:
l Simple l Wildcard l RegularExpression |
Actions | Select one of the following actions from the drop-down list:
l Block: Block access to the web site regardless of the URL category or sub-category action. l Allow: Allow access to the web site regardless of the URL category or sub-category action. l Monitor: Allow access to the web site regardless of the URL category or sub-category action. A log message will be generated each time a matching traffic session is established. |
- Click OK.
Configure Web Security settings Web Security/Web Filter
Configure Web Security settings
This setting can only be configured when FortiClient is in standalone mode.
To configure web security settings:
- On the Web Security tab, click the Settings icon
- Click the Settings
- Configure the following settings:
Enable Site Categories | Select to enable Site Categories. When site categories are disabled, FortiClient is protected by the exclusion list. |
Log all URLs | Select to log all URLs. |
Identify user initiated web browsing | Select to identify web browser that is user initiated. |
- Click OK.
View violations
This section applies to FortiClient in standalone mode and managed mode.
To view Web Security violations:
- On the Web Security tab, click the Settings
Alternately, you can click the X Violations (In the Last 7 Days) link.
- Click the Violations
View violations
The following information is displayed.
Website | The website name or IP address. |
Category | The website sub-category. |
Time | The date and time that the website was accessed. |
User | The name of the user generating the traffic. Hover the mouse cursor over the column to view the complete entry in the pop-up bubble message. |
- Click Close.