Application Control Lab:

Verify updated Application Control signatures and database navigate to System>FortiGuard.

Go to Security Profiles > Application Control There are three preloaded application sensors,
default, wifi-default and block-high-risk.

1 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

Application Control Category:
Go to Security Profiles > Application Control. Under Categories, left click the icon next to the
category name to view a dropdown of actions, Allow, Monitor, Block, Quarantine, and View
signatures and Select OK. In this case let’s Block Social Media.

To attach an Application Control profile to a firewall policy, Go to Policy & Objects > Firewall
Policy. Edit the policy that you want to enable Application Control Profile. In the Security
Profiles section, enable Application Control and select the profile created.

2 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

Verification & Testing:
Go to Facebook website, you will see the replacement message display.

To check Application Control logs in the GUI, Go to Log & Report > Application Control.

To check Application Control logs in the GUI, Go to Log & Report > Forward Traffic.

3 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

Application Overrides:
Go to Security Profiles > Application Control. Under the Application and Filter Overrides table,
click Create New. To add individual applications: Select Application as the Type. Choose an
action to be associated with the application. Click the + button in the Application field and
choose the specific applications from the list where app signatures are displayed. Multiple
applications may be selected.

Choose Type Application set Action Allow in this case select Facebook and Facebook related all
Application Click Add to Selected, 17 Selected applications are added related to Facebook.

4 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

Finally, Facebook Applications Are Added with Allow action to override the rule.

Verification & Testing:

Before the Application Overrides Facebook was blocked, because social Media was blocked.
After Application Overrides rule now Facebook page is open.

To check web filter logs in the GUI, Go to Log & Report > Application Control.

5 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

Filter Overrides:
Go to Security Profiles > Application Control. Under the Application and Filter Overrides table,
click Create New. To add individual applications: Select Filter as the Type.

In Filter click + to add Excessive-Bandwidth is Behavior and Video/Audio set the action Block.

Finally, it has created drag it to the top to check first type is Filter and action is Block.

6 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

Verification & Testing:
Try to visit Video and Audio website it will not play let’s visit www.youtube.com .Is you can see
YouTube is allowed however Video not playing.

Let’s change action of Filter Override to Quarantine for 5 minutes.

Finally, Filter Overrides rules action has been modified to Quarantine

7 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

After access Youtube.com which is under Video/Audio filter all traffic block.

Let’s Add Quarantine Monitor navigate to Dashboard Click on + Icon.

8 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

Port Enforcement Check:
Setup protocol enforcement, Go to Security Profiles > Application Control. Enable Block
applications detected on non-default port.

Let’s try to visit a Cisco Router configure outside for http on non-default port number.

Navigate to Log & Report > Application Control the access is blocked.

9 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717