Quantcast
Channel: Fortinet GURU
Viewing all articles
Browse latest Browse all 2380

Web Security/Web Filter

$
0
0

Web Security/Web Filter

Web Security/Web Filter allows you to block, allow, warn, and monitor web traffic based on URL category or custom URL filters. URL categorization is handled by the FortiGuard Distribution Network (FDN). You can create a custom URL filter exclusion list which overrides the FDN category.

When a FortiClient endpoint is connected to FortiGate/EMS, the Web Security tab becomes the Web Filter tab in the FortiClient console.

Enable/disable Web Security/Web Filter

For FortiClient in standalone mode, you can enable, disable, and configure web security by using the FortiClient console. You can define what sites are allowed, blocked, or monitored, and you can view violations.

For FortiClient in managed mode, an administrator enables, disables, and configures Web Filter by using a FortiClient profile. See FortiClient profiles on page 29.

Enable/disable Web Security

This setting can only be configured when FortiClient is in standalone mode.

To enable or disable Web Security:

  1. On the Web Security tab, toggle the Enable/Disable link in the FortiClient console. Web Security is enabled by default.

The following options are available:

Enable/Disable Select to enable or disable Web Security.

Configure Web Security profiles

X Violations (In the Last 7 Days) Select to view Web Security log entries of the violations that have occurred in the last 7 days.
Settings Select to configure the Web Security profile, exclusion list, and settings, and to view violations.

Enable/disable Web Filter

This setting can only be configured when FortiClient is in managed mode. When FortiClient is connected to a FortiGate/EMS, the Web Security tab will become the Web Filter tab.

A FortiClient profile can include a Web Filter profile from a FortiGate or EMS.

On a FortiGate device, the overall process is as follows:

l Create a Web Filter profile on the FortiGate, l Add the Web Filter profile to the FortiClient Profile on the FortiGate.

On EMS, web filtering is part of the endpoint profile.

Configure Web Security profiles

This setting can only be configured when FortiClient is in standalone mode.

You can configure a Web Security profile to allow, block, warn, or monitor web traffic based on website categories and sub-categories.

Edit Web Security exclusion lists                                                                             Web Security/Web Filter

To configure web security profiles:

  1. On the Web Filter tab, click the Settings
  2. Click a site category.
  3. Click the Action icon, and select an action in the drop-down menu.

The following actions are available:

Allow Set the category or sub-category to Allow to allow access.
Block Set the category or sub-category to Block to block access. The user will receive a Web Page Blocked message in the web browser.
Warn Set the category or sub-category to Warn to block access. The user will receive a Web Page Blocked message in the web browser. The user can select to proceed or go back to the previous web page.
Monitor Set the category or sub-category to Monitor to allow access. The site will be logged.

You can select to enable or disable Site Categories in the Web Security settings page. When site categories are disabled, FortiClient is protected by the exclusion list.

  1. Click OK.

Edit Web Security exclusion lists

This setting can only be configured when FortiClient is in standalone mode.

You can add websites to the exclusion list and set the permission to allow, block, monitor, or exempt.

Edit Web Security exclusion lists

To manage the exclusion list:

  1. On the Web Security tab, click the Settings
  2. Click the Exclusion List
  3. Click the Add icon to add URLs to the exclusion list.

If the website is part of a blocked category, an allow permission in the Exclusion List would allow the user to access the specific URL.

  1. Configure the following settings:
Exclusion List Select to exclude URLs that are explicitly blocked or allowed. Use the add icon to add URLs and the delete icon to delete URLs from the list. Select a URL and select the edit icon to edit the selection.
URL Enter a URL or IP address.
Type Select one of the following pattern types from the drop-down list:

l Simple l Wildcard l RegularExpression

Actions Select one of the following actions from the drop-down list:

Block: Block access to the web site regardless of the URL category or sub-category action.

Allow: Allow access to the web site regardless of the URL category or sub-category action.

Monitor: Allow access to the web site regardless of the URL category or sub-category action. A log message will be generated each time a matching traffic session is established.

  1. Click OK.

Configure Web Security settings                                                                             Web Security/Web Filter

Configure Web Security settings

This setting can only be configured when FortiClient is in standalone mode.

To configure web security settings:

  1. On the Web Security tab, click the Settings icon
  2. Click the Settings
  3. Configure the following settings:
Enable Site Categories Select to enable Site Categories. When site categories are disabled, FortiClient is protected by the exclusion list.
Log all URLs Select to log all URLs.
Identify user initiated web browsing Select to identify web browser that is user initiated.
  1. Click OK.

View violations

This section applies to FortiClient in standalone mode and managed mode.

To view Web Security violations:

  1. On the Web Security tab, click the Settings

Alternately, you can click the X Violations (In the Last 7 Days) link.

  1. Click the Violations

View violations

The following information is displayed.

Website The website name or IP address.
Category The website sub-category.
Time The date and time that the website was accessed.
User The name of the user generating the traffic. Hover the mouse cursor over the column to view the complete entry in the pop-up bubble message.
  1. Click Close.

 


Viewing all articles
Browse latest Browse all 2380

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>