Configuring fortigate web pattern blocking, Configuring cerberian url filtering, Configuring cerberian url filtering” on – Fortinet FortiGate 4000 User Manual

Page 294

Advertising
background image

294

Fortinet Inc.

Configuring Cerberian URL filtering

Web filtering

8

You can continue to maintain the Web URL block list by making changes to the text
file and uploading it again.

Configuring FortiGate Web pattern blocking

You can configure FortiGate web pattern blocking to block web pages that match a
URL pattern. Create URL patterns using regular expressions (for example,
badsite.* matches badsite.com, badsite.org, badsite.net and so on).
FortiGate web pattern blocking supports standard regular expressions. You can add
up to 20 patterns to the web pattern block list.

To add patterns to the Web pattern block list

1

Go to Web Filter > URL Block > Web Pattern Block.

2

Select New to add an item to the Web pattern block list.

3

Type the web pattern that you want to block.
You can use standard regular expressions for web patterns.

4

Select Enable to block the pattern.

5

Select OK to add the pattern to the Web pattern block list.

Configuring Cerberian URL filtering

The FortiGate unit supports Cerberian URL filtering. For information about Cerberian
URL filtering, see www.cerberian.com.

If you have purchased the Cerberian web filtering functionality with your FortiGate
unit, use the following configuration procedures to configure FortiGate support for
Cerberian web filtering.

Installing a Cerberian license key

Adding a Cerberian user

Configuring Cerberian web filter

Enabling Cerberian URL filtering

Note: URL blocking does not block access to other services that users can access with a web
browser. For example, URL blocking does not block access to ftp://ftp.badsite.com.
Instead, you can use firewall policies to deny FTP connections.

Note: You must select the Web URL Block option in the content profile to enable the URL
blocking.

Note: If you are operating FortiGate units in active-passive HA mode, each FortiGate unit in the
cluster must have its own Cerberian license. Cerberian web filtering is not supported for
active-active HA. For information about HA, see

“High availability” on page 81

.

Advertising
Popular Brands
Popular manuals