Security Profiles

Blocking malicious URLs (277363)

A local malicious URL database dowloaded from FortiGuard has been added to assist IPS detection for live exploits, such as drive-by attacks. You enable blocking malicious URLs in an IPS profile from the CLI using the following command:

 

CLI Syntax

config ips sensor edit default

set block-malicious-url {enable | disable}

next end

 

 

The FortiGuard IPS/AV update schedule can be set by time intervals (278772)

This feature allows updates to occur more frequently (syntax below shown for updates randomly every 2-3 hours).

 

CLI Syntax

config system autoupdate schedule set frequency every

set time 02:60 end

 

 

Application Control signatures belonging to industrial category/group are excluded by default (277668)

Use the following command to be able to add industrial signatures to an application control sensor:

config ips global

set exclude-signatures {none | industrial}

end

 

The Indistrial category now appears on the Application Control sensor GUI.

 

An SSL server table can now be used for SSL offloading (275273)

CLI Syntax

config firewall ssl-ssh-profile edit <name>

set use-ssl-server {enable | disable}

next end


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

One thought on “Security Profiles

  1. Jaro Stolicny

    Has anyone made this off-box websense intergration to work? I have got everything configured per Fortinet how-to, but I still not see firewall relaying http/https request to the websense server located on customer local network.

    Thanks.

    Jaro

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.