Security Profiles

Support security profile scanning of RPC over HTTP traffic (287508)

This protocol is used by Microsoft Exchange Server so this feature supports security profile features such as virus scanning of Microsoft Exchange Server email that uses RPC over HTTP.

 

 

Users now allowed to override blocked categories using simple, wildcard, and regex expres- sions to identify the URLs that are blocked (270165)

This feature is also called per-user BWL. To be able to configure this feature from the GUI enter the following command:

config system global

set per-user-bwl enable end

 

Then go to Security Profiles > Web Filtering, edit a web filtering profile and select Allow users to override blocked categories.

Use the following command to configure this feature from the CLI:

config webfilter profile edit <profile-name>

set options per-user-bwl end

 

Set flow or proxy mode for your FortiGate (or per VDOM) (266028)

You can configure your FortiGate or a VDOM to apply security profile features in proxy or flow mode. Change between modes from the System Information dashboard widget. Proxy mode offers the most accurate results and the greatest depth of functionality. Flow mode provides enhanced performance. IPS and application control always operates in flow mode and so is not affected by changing this mode.

 

Security Profiles > Web Application Firewall

Signatures can now be filtered based on risk level.

The options to reset action and apply traffic shaping is now only available in the CLI.

The All Other Known Applications option has been removed, while the option for All Other Unknown

Applications has been renamed Unknown Applications.

 

Block all Windows executable files (.exe) in email attachments (269781)

A new option has been added to AntiVirus profiles to block all Windows executable files (.exe) in email attachments.

 

CLI Syntax

config antivirus profile edit “default”

config imap

set executables {default | virus}

end

config pop3

set executables {default | virus}

end config smtp

set executables {default | virus}

end

config mapi

set executables {default | virus}

end end

end


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

One thought on “Security Profiles

  1. Jaro Stolicny

    Has anyone made this off-box websense intergration to work? I have got everything configured per Fortinet how-to, but I still not see firewall relaying http/https request to the websense server located on customer local network.

    Thanks.

    Jaro

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.