Professional Documents
Culture Documents
68-Web Filter Lab
68-Web Filter Lab
68-Web Filter Lab
Go to Security Profiles > Web Filter there are preloaded three predefined web filters.
Action Description
Block Denies or blocks attempts to access any URL matching the URL pattern.
FortiGate displays a replacement message.
Allow The traffic is passed to the remaining FortiGuard web filters, web content
filters, web script filters, antivirus proxy operations, and DLP proxy
operations. If URL does not appear in the URL list, the traffic is permitted.
Monitor Traffic is processed the same way as the Allow action. For the Monitor
action, a log message is generated each time a matching traffic pattern.
Exempt Traffic is allowed to bypass the remaining FortiGuard web filters, web
content filters, web script filters, antivirus scanning, DLP proxy operations
FortiGuard Filter:
To block category, go to Security Profiles > Web Filter and go to the FortiGuard category based
filter section.
Open the Bandwidth Consuming- section by clicking the + icon beside it. Select Streaming
Media and Download and then select Block.
To attach a web filter profile to a firewall policy, Go to Policy & Objects > Firewall Policy. Edit
the policy that you want to enable the web filter. In the Security Profiles section, enable Web
Filter and select the profile created.
To check web filter logs in the GUI, Go to Log & Report > Web Filter.
Set the Warning Interval which is the interval when the warning page appears again after the
user chooses to continue.
To validate that configured the warning, Go to a website belonging to the selected category, for
example, www.godaddy.com & see warning page where you can choose to Proceed or Go Back.
Set the Warning Interval which is the interval when the authentication page appears again after
authentication. Click the + icon beside Selected User Group and select a user group. You must
have a valid user group to use this feature.
Click Proceed to check that the authentication page appears. Enter the username and password
of the user group you selected and click Continue. If the credentials are correct, the traffic is
allowed through.
When Feature Set is Proxy-based it will show Category Usage Quota option down.
In the Category Usage Quota section, select Create New. In the right pane, select the Category
field and then select Streaming Media and Download. For the Quota Type, select Traffic and set
the Total quota to 1024 KB. Select OK and the Category Usage Quota section displays.
Go to Dashboard >Click on Plus icon to add new Monitor search for FortiGuard Quota.
When the quota reaches its limit, traffic is blocked, and the replacement page displays.
Navigate to Log & Report > Web Filter to check the logs for Quota Limits.