Spam is a common means by which attacks are delivered. Users often open email attachments they should not, and infect their own machine.
l Enable email filtering at the network edge for all types of email traffic. l Use FortiClient endpoint IPS scanning for protection against threats that get into your network. l Subscribe to the FortiGuard AntiSpam Service.
Best practices for URL filtering can be divided into four categories: flow-based versus proxy based filtering; local category/rating feature; URL filter ‘Exempt’ action; and Deep Scan.
Flow-based versus proxy-based
Try to avoid mixing flow-based and proxy-based features in the same profile if you are not using IPS or Application Control.
Local category/rating feature
Local categories and local rating features consume a large amount of CPU resources, so use these features as little as possible. It is better to use Local categories instead of using the ‘override’ feature, since the ‘override’ feature is more complicated and more difficult to troubleshoot.
URL filter ‘Exempt’ action
When using the URL filter ‘Exempt’ option,webfilter, antivirus and dlp scans are bypassed by default, so use this option only for trusted sites.
Configuration notes: You need to configure ‘Exempt’ actions in the URL filter if you want to bypass the FortiGuard
Web Filter.You can configure which particular inspection(s) you want to bypass using the set exempt command in config webfilter urlfilter.
The ‘Deep Scan’ feature is much heavier on resources than ‘HTTPS URL Scan Only’. Deep Scan is much more accurate, since many sites (such as various Google applications) cannot be scanned separately without deep scanning enabled.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!
Don't Forget To Buy Your Fortinet Hardware From The Fortinet GURU