Fortinet NSE4_FGT-7.2 — FortiGate Firewall — Section 1: FortiGate Firewall V6.4 1 Part 27
37. Lecture-37: Security Profile Web Filter Profile.
Profiling is related to work filtering if you are filtering what it means, you know what a resource locator will definitely filter to filter them. Like A that you know, this filter, if I hear this one, it’s like a filter filter or something.
So, if you want to control and classify web browsing based on content, so we are using time. Maybe you want to blog fishing scientists to be best. By their side, and maybe you want to blog on your policy base, maybe your company said no blog, Facebook. Either daily motion and YouTube dot com, it’s up to the company to maybe link to maybe any other social media. Or maybe an exploit site maliciously of site Mulvane websites, Fimian was identified as Web site.
So, you can use your filtering by default DNS to buy the foreign policy, I believe if I ignore the security profile. This time we want to do the filtering.
So, by default, there are three policy already created for us. Diffa one, you can use this one monitor and it will just monitor. Monitor means that will generate log, but it will not stop. Okay, keep in mind and this one is related to the Wi-Fi, so the three rules are already there. We can create or customize in one.
So, what we need to do to if somebody in each year and you apply, you are a distributor, it will check that you are. And if you do find them. And what action they will take if you apply in action. You can apply this rule through July and also through CNN is up to you. To control your web browsing, to control your web traffic, to control you all you are is malicious and malware, anything.
So, there are three predefine, which I told you and just show you. We will use the same the body, what we think wisely, basically, and they have some model, which is a Wi-Fi built in as well, and also they are using Wi-Fi.
So, that one is better than five one, because right now, I can assure you, I find learned this stuff because we don’t have any Wi-Fi or something.
So, that’s why I’m ignoring them there. And you don’t need not only not only will, you will use the one which we are doing properly.
So, we will use the same technology, Najid, I’m connected outside and horizontally, I’m to the and. We are using virtual machine this time I’m using you are a filter and you are ready for it. And this time I will blog on Facebook.
So, let me go back. Can I use a Facebook first? Let me test them before Blacket.
So, are you also are you can better so I live here and link them to people on Facebook.
So, let me go. Yes.
So, A to see.
So, yes, I can access Facebook. Okay, just do it again. Come on. Yeah.
So, you can access Facebook dot com. Okay, let me refresh. Because speed is slow, so that’s why you’re showing me on this one. But anyway, you can reach out to Facebook, dot com interlinks will open in this browser. For some reason, my speed is slow.
So, okay, let me go with the time Facebook. Notkin. We’ll do it once. This browser is still the same issue, which I told you so I need to clear the browser history and restart, so I’m going to use this one. Okay. And also, you can just buy in a way, is in going into a window. Okay, let me go to Facebook. Anyway, more because they never stopped them, so definitely I can log in now, let’s really apply our rule.
So, I’m here security profile with filtering. I already have three. I don’t want to use this one again. These are the name is out of your description comments in reference to that of the average user. We can call on them, we can edit them and we can delete. And if we created and we can search, it is a creative new click on that one. And we believe a profile and also you can do anything with any common feature. And I don’t know, we will do this one, okay? They held their own getting any. Forty yard, which I’m sure 40 yards. They have their own degree, they categorize them in which thing are potentially liable, one adult and mature cartoons. Okay then good consuming category, security risk category on general interest, personal and so on.
So, many category their hill. This one, the first one. And they said this There is some possibility, which you want to apply, you know, somewhere is warming, some is allowed and maybe someone is blocked. And any other thing does seem to be to allow me definitely to allow. Monitor, I just told you this, I mean, just to show you that they will just watch you and they generate a lot, but they will never stop you.
So, it’s called a monitor. Okay, then there is blood. Blood, definitely it will stop you. Is this you are warning me that will give you a warning, but you can continue and browse the website. I will show you on this fourth and then gave me they will ask for username and password.
So, if you want to begin, then you can proceed and log in the website and you can. There you are. But this is a user name and password. This is warning me. That will give you a warning, but you can continue. Blackwall and Monitor will just watch and generate logs and I will definitely log. Okay. But this is the category, not our one, so why not do their duty first, then we will move forward. What is the.
So, let me change something where to go, which we know properly, so the screaming not only, you know, streaming media, it’s better to use this one.
So, streaming media and download, which is allowed by different streaming media and download, is showing here. And see which side they’d like you to be, true.com com dot com dailymotion. These are just a few example.
So, streaming media, zijlaard, I want to know what we already know, so I don’t get it, Bordeleau. I want to see blood lot, these were streaming media and blog and I applied to my new profile is really filtering, we are streaming media is block how we can use the policy and our journey will be your firewall policy. We are only one policy. If you have too many, you have to ask them to every. And what do I need then, do I just want to just leave me and this one this time and my one is refrigerating profile and all station and okay. Okay, so now let’s see. Before it was accessible, Facebook dot com.
Social media, by the way, not not Facebook, so in this one, we need to get you to dot com and Dailymotion.
So, first I need to go to Daquan. Okay, so it’s a forty yard intrusion prevention, a block wide that could be hideous social media and download. Because I’ll be moved into this one, I have only one profile which is related to live filtering, so I’m applying filtering and blocking too, because it’s coming under the streaming media and download and the same way we held the emotion. The more motion I don’t like, I’m currently a nerd. Yeah.
So, it’s Dailymotion is also blogs and social media and on a.. How I know that just blocked by firewall policy and security profile to combine them.
So, to log and report and this time instead of in two hours will do with time to reflect on this. And this time this user besos action was blocked because of you are in daily emotion is coming adulterating it is streaming media and download. And these are the data. And if you want to add more detail, click on Newton. It will show you more. And why is being blocked and which policy is being used? Either I can verify from forwarding traffic as well. It said denied by UTM blog Dailymotion Dailymotion has been blocked by UTM blog policy UTM. We know we trying to do in the beginning of the last YouTube has been blocked. That isn’t. By forwarding traffic and also you can go to the Ashbourne status. Okay, and no, there is no security. Okay, so and security, there is another day. Did you move them, by the way, and the new one and also the changed this one.
So, anyway, but at least you know how we can really find them. I think it should be in this one now they change them to the website, some of the team will take time to show you here because I need to increase the RAM to do it quickly and so far on station. And we’ll show you the station. By the way, these are just to show you the station.
So, it’s better to verify it from the president now. But what we’ve done, we used their own category. If I go back to security profile, we’re filtering the one which I created, DoubleClick. And what are you, the other one? Let me remove the other one for Beaugard category because I don’t have to. They have so many category. Okay, it’s better to do it. Why not for the other steam allowed this time, block to block, we just warming to let me go to streaming media again. What was the streaming media at this time? Let me put them before we move forward again. I need to verify this for things to you.
So, let’s go to Beijing to various media, which we just talked to are streaming media right here. And this is a massive warning. But they say one thing and then how many our this is our how many minutes and how many single.
So, they will give you a warning after five minutes, this is minor. This is our after 5:00 p.m. they will disconnect you and ask you to log in again in the same one. I just need to show you the difference, not to tell you what is the major difference between I and okay, because this rule is already applied. Just modify the rule. Let me go back and refresh this time. It will be a wami. Look at. To have rating of the real world, we’re looking at surplused, just a warning, this second warning and policy, and it will go to the animal shelter. And then once, because I don’t have to certificate this way of showing me this one and look at all the emotion. Inevitable, the emotional. Oh, my goodness, it has to. After five minutes, it will be disconnected and will soon be disbanded again. Oh, is for some reason, let me go to you to.
So, and before the message, there was no this one, there was no go back and plus, you know, we were proceed and will be surplused and you can go to YouTube dot com way the way. How big might have been trying to get. Let me dig them and dig you in real world. Because now I need to re restart this system. This way they are showing at least either I need to install the certificate and these on the issue will be done, but because we know us to be so difficult.
So, I don’t want to involve you in there, but it will be pretty. Let me change then. We’re going to bed to do it, giving you a chance to enter and blog it, never to give you a chance, ok. It’s just like you. Okay, let me go to streaming media this time. Let me say a thing you get now and then be geared for how long.
So, I say five minutes if you want to use a user. I think we created last time on user. Yeah, we created user. What is asking them to let me create quickly one user and group to create. And while groups of post-test and members we created last time, all you there, too, is that oil is the new one, new for everyone.
So, let me create one quick user. Use it or one sort, one, two, three, next. Next, no authentication and all of them in this will be the one which we created. Okay, we don’t have so many. And let me play this is a sort of test of the name and use it. One is inside and I think this will be okay. Bahamadia won’t use it and we will do it in.
So, this time I said streaming media and download, the user has to authenticate and then proceed, they can use you to Dailymotion and all those Web sites. Okay, no need to apply again because this policy is already applied, just modifying them.
So, no need to apply it already here.
So, now go back this time. The situation is totally different if I go to YouTube, Darkon. You do not come into last username and password to port. Proceeded to okay after a while and we’ll ask my username and password supersede. Okay, now if I lost my username and password.
So, far. This this thing is killing me, so it’s better if for some reason, if I can use this. It will ask you basically username and password to proceed. This is the thing which I need to show you.
So, these are the three different thing to do it. This process for some reason. And started there is. The new president proposing maybe it will work and you, too, dot com. Okay, so it will ask me to proceed and analyze the situation and confirm. It was. It is kind from. Oh, my goodness.
So, this one is also doing the same thing, and you have this this to a username and password, which I mentioned here, by the way, if I had done this one.
So, let me show you and maybe find an. Okay, so. Yeah, so proceed. And after this last one to proceed, it will ask you like this. Username and password, so we knew the username and password and continue your visit to the Web site.
So, this is the difference between all this.
So, let’s go back to security profile with filtering. Okay.
So, there was this one is streaming media, so we know and now we know blog, now we know what I mean and give me a warning and then proceed, Authentications, give me a warning and then we need put username and password in and proceed and monitor. There’s nothing really if I apply monitor here and it will proceed, but it will just generate alarm.
So, if I go big. And if I go to YouTube, Darkon. Okay, you do not come either the emotion. Okay. It was. Because this is due to certain difficulty showing me this error, it was proceed. Okay, so is going. But it will generate a lot easier if I will there and we’ll do it filtering. You will see here the difference is pass through. Okay, so it’s possible just that this is the category is being there streaming media and download modified music festival. It will not show me here. Because we never applied this one on Facebook. We wouldn’t apply them streaming media.
So, this is different, maybe you will see, I don’t know, it will show all the normal normal, it will show you only related to streaming media, which is coming under their category if it is black.
So, it will show you blog. And if it is monitored, it will show you what’s through here. Yeah, this is a pass through just to let you know, because you told me to monitor this guy.
So, let me tell you, I cannot stop them. But he went inside either. Did you went outside.
So, this is called monitor.
So, let me go back to security profile with filtering. We have so many things to control through with filtering.
So, this was the intifada to allow the monitor blog warning and other indicators. And they are so many critical. Let me stop this one now. Does it allow users to read blog category? So, it means if I blog social media, let me blog them again, I need to go big and I need to block them so social media is blocked again, once again.
So, do you. The streaming media.
So, if I will be able to buy their daily motion again, so they will stop me.
So, let’s see, they’re going to stop me on an hour and also to use them. They say block me, there is no Netanyahu can cannot go down. Maybe you will see because, you know, Brazil is here. This is the whole big. Because this is just his blood.
So, now let’s come to another point here. This one allow users to write a blog category, whatever you plug the. He is a special person to write the rules. This can be done in India and Pakistan, not India. Okay, and you get everybody is equal. But India and Pakistan, there is no VIP culture. And anybody like you, there is no time for being.
So, it means nobody can go inside. But in Pakistan and India, if you have a reference, you can go inside any time.
So, this rule is for India and Pakistan. There’s a blog and Twitter during.
So, there is one right, this one, so it loud you to do what I can do that in our social media, streaming media, nobody can access but this guy you can do who from the group? The user one is exist. Profile them there you are the one who can do anything. Switch applied to user by user base, either user. We are using user by IP, you can put his IP to them and ask them to put your details. But anyway, I can use a user, either user. Both are equal because we want user here. And this stretch duration, for how long, anyway, if we can see me, but it is enough for us to ask them what I do just to show you and okay. Now, let’s go here and refresh this one. Okay, so if I refresh your memory, tries to show me to what I didn’t know before, it was an idea. All right, now do not that again, it will not show me. It will ask me the username and password.
So, when I put the user name and password, it will allow me. For some reason, I don’t know why it’s giving me this zero. Okay, anyway, I cannot show you again, it will be like this one if I didn’t do this one here.
So, anyway, so this is what right. This special person can go, but this body will be stopped.
So, I’m done with this one and now I’ve done this one. Now there is a strange security feature.
So, maybe something which is not mentioned here, even if I streaming media, it will be streaming media star. If I use social media, it would spur a social media story if I stop gambling every gambling stop. But no, I need a specific thing. Then you can use static. You are in a field of. Block and divided, maybe a urine, which is not a licensed one, which is held, no certification, which is a broken one, so it will stop you there. One dead one is related to this one anyway. It’s not important. But if you want to enable, it’s okay. This one, you are encouraged to enable this one. And now I want to read on your Facebook. Com. Seems like a regular expression, you can use regular expression and whiter than the one liners which are used to put like you suppose if you.
So, anything after dark can be acceptable and it can be dropped and either you can start before Facebook. Action means exempt them, no, I don’t want to examine this one. It will be law. I want to blog. Yes, I want to know this. You all know I want to monitor.
So, you know, blog it out and monitor the only thing a new one examined doing to examine this one. You want do you want to enable this rule, enable or disable? So, I said, yes, I want to it anyway.
So, this is my study group, because if I created here it is on social media. But social media will stop each and every social media theme there is social media if I go to social media. This is health related. Yeah, this one, if I stop social networking, Facebook, Twitter, Rambow, we assume anything will be stop. Because I don’t have a control, but here, I just want a loud Twitter killing done what? I just want Facebook. You can and you can delete and you can add so many. You are you can create a new one as an editor. And now. Okay, okay, I’ll disable this one. Keep in mind, just Facebook dot com and all because the rule is already applied.
So, no need to reapply and come here and Facebook will be blocked. If I click on Facebook. This time it will show me the state you are in. Okay, it’s blood, but it’s better to do it by here. It’s not showing me there being that properly, so that’s why I’m just checking your fee and block me, by the way, it’s. But somebody is not seeing me being a little kid some time because you don’t have a license.
So, that’s why you saw the certificate.
So, that’s why it’s not showing properly. But it’s me. How do we know? Go to log’s and report and we’re filtering. Okay, and here is Facebook is blocked. Not a streaming media, we have our own state to be with them, so that’s why Facebook is done in two, three, four times. That’s why it’s showing me it’s blood.
So, to me, it’s working. Let’s go back to our security profile with Flittering and our one and let’s do something more.
So, let me remove this one again. Then there’s a blog malicious. You are rediscovered by foodies. Sandbox Bodhisattvas is like a pinata for wildfire.
So, they can check anyway if you want, so you can watch it to play the license, but I have a license so you can use this one. Now and same content filter. London, Fulton bringing extra violence, something to click on this one, you can give them any file like anything, okay? Language you can choose any language action you can and you can use regular expression as well. And you can use this one to contend for you again, and you are anything you can pull and they will drop, it seemed like a steady one. Then this related to writing option, just if you want to tell them what is going 40 year firewall network so you can enable to help them anything if you want to help them. But this is absolutely no need of this one. What else? okay, so this was filtering we can do austerity country, we can use their own category and we can use other Kamden either fine and anything we can plug to use a condom filter and grating option just to help them, if you will, on any side, which is it or something.
So, they will send to 40 here to help them to recognize better next time you are looking to get in everything. And this is the oh, we don’t have any problem, you know, that we can use them religious stuff.
So, this was let me go there if I missed something.
So, we’ve done you are pretty thorough, okay, we can use to stop them regular expression that we can use one card like this one on Facebook.
So, anything which you are telling is the first way will start the one which I thought I would like this one. The simple example. Are you saying there was simple and also a regular expression? So, this is called wild card card. You can use this one.
So, Facebook dot com first dot com, everything will be blocked because of these. You are a. And this one, the one which I use, I say only statically like Facebook.
So, this is the difference between simple and wild card block. We are looking to block them in order to allow the monitor just to test and generate logs and them to bypass them.
Something if you want. And this is the way to apply the rule. Then we modify Facebook and here you can see the logs. Okay. Forty guard fifty. Yeah, though this thing we are learning, Testim, okay? And we test this one as well, and we check. We also check the warning as well, it was issuing warning and then you proceed and we’ll show you, okay? But then began this, the one which we are in done, but it was not properly shown by somebody. And so when you click through, then you have to type the user. Then it will again, you go to the extreme remove and then you when you are used to go to. Okay, so you can use a on what is nothing, just, you know, to how much bandwidth they can use.
So, end, which is reaching for each, so they will plug them. They will not use any more Internet.
So, this is called use and which has been removed more way is the old one.
So, you can use that. Okay.