Access Control Lists in DoS Policies (293399)

You can go to Policy & Objects > IPv4 Access Control List or Policy & Objects > IPv6 Access Control List and select an incoming interface and add a list of Firewall source and destination addresses and services and drop traffic that matches.

 

You can use the following CLI command to add an ACL:

config firewall acl edit 1

set interface “port1”

set srcaddr “google-drive” set dstaddr “all”

set service “ALL” next

end

 

WebSense web filtering through WISP (287757)

WISP is a Websense protocol that is similar in functionality to ICAP, it allows for URLs to be extracted by a firewall and submitted to WebSense systems for rating and approval checking.

This feature provides a solution for customers who have large, existing, deployed implementations of Websense security products to replace their legacy firewalls with a Fortigate family, such that they are not forced to make a change to their web filtering infrastructure at the same time.

In order to use WebSense’s web filtering service, a WISP server per VDOM needs to be defined and enabled first. A Web filtering profile is then defined that enables WISP, which in turn is applied to a firewall policy.

When WISP is enabled, the FortiGate will maintain a pool of TCP connections to the WISP server. The TCP connections will be used to forward HTTP request information and log information to the WISP server and receive policy decisions.

Syntax

config web-proxy wisp set status enable

set server-ip 72.214.27.138 set max-connection 128

end

 

config webfilter profile edit “wisp_only”

set wisp enable

next end

 

Other new Security Profiles features:

 

• CPU allocation & tuning commands now remain after a system reboot (276190)
• The GUI notifies an administrator when the FortiGate is in conserve mode (266937)
• A new custom IPS signature option, “–ip_dscp” has been added to be compatible with engine 1.x. (269063 )
• The RTP/RTSP decoder can now detect slave sessions (273910)
• ISNIFF can now dump all HTML files if the dump-all-html CLI command is used (277793)
• Sender and recipient fields have been added to flow-based SMTP spam logs (269063)
• Browser Signature Detection added to Application Control profiles (279934)

 

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!