Configure Security Policy

Lesson 11/25 | Study Time: 60 Min

Objective:

Apply deep packet inspection on user traffic using Security Profiles. You'll configure and apply Web Filtering, Antivirus, and Application Control to monitor and restrict traffic from the Inside network to the internet.

Why Use Security Profiles?

FortiGate's UTM features allow you to inspect and control:

● Malicious websites

● File downloads (viruses/malware)

● Applications like Facebook, YouTube, Torrent, etc.

Scenario Overview:

Inside users (192.168.1.0/24) access the internet

You’ll apply:

● Web URL Filtering: Block social media site www.youtube.com

● Antivirus: Scan downloads

● App Control: Block peer-to-peer apps

Step 1: Create Web Filter Profile

From GUI:

1. Go to Security Profiles > Web Filter

2. Click Create New

● Name: WF_Block_Social

● Static URL Filter: Create New 

● URL: www.youtube.com

● Action: Block

3. Click OK

Step 2: Create Antivirus Profile

From GUI:

1. Go to Security Profiles > Antivirus

2. Click Create New

● Name: AV_Default

● Use default settings for all protocols

● Ensure HTTP & SMTP scanning is enabled

3. Click OK

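From CLI (syntax of recent FortiOS releases, where scanning is set inside each protocol block; older releases use "set options scan" instead of "set av-scan block"):

!

config antivirus profile
    edit "AV_Default"
        config http
            set av-scan block
        end
        config smtp
            set av-scan block
        end
    next
end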

!

Step 3: Create Application Control Profile

From GUI:

1. Go to Security Profiles > Application Control

2. Click Create New

● Name: AppC_Block_P2P

● In Application Overrides, block: BitTorrent

3. Click OK

Step 4: Apply All Profiles to Firewall Policy

From GUI:

1. Go to Policy & Objects > Firewall Policy

2. Edit Inside-to-Untrust policy

3. Scroll to Security Profiles and enable:

● Web Filter → Select WF_Block_Social

● Antivirus → Select AV_Default

● Application Control → Select AppC_Block_P2P

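4. Enable SSL Inspection (use the default certificate-inspection profile). Certificate inspection reads only the TLS handshake (SNI and server certificate), so Web Filter can match the hostname of HTTPS sites, but Antivirus cannot scan files inside HTTPS sessions; that requires a deep-inspection profile.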

5. Click OK

From CLI:

!

config firewall policy
    edit 1
        set utm-status enable
        set webfilter-profile "WF_Block_Social"
        set av-profile "AV_Default"
        set application-list "AppC_Block_P2P"
        set ssl-ssh-profile "certificate-inspection"
    next
end

!

Step 5: Verification

From Inside PC:

Try opening www.youtube.com → Should be blocked

On the FortiGate:

Go to Log & Report > Web Filter
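
To check Step 5 from an exported log rather than by eye, the added example below (not part of the original lesson) parses FortiOS-style key=value web filter log lines and lists Inside hosts that reached www.youtube.com without being blocked by WF_Block_Social. The log lines are constructed, and the field names (subtype, srcip, hostname, profile, action) are assumptions to confirm against the log format of your FortiOS version.

```python
import ipaddress
import shlex

INSIDE_NET = ipaddress.ip_network("192.168.1.0/24")  # Inside network from the scenario
BLOCKED_HOST = "www.youtube.com"                      # URL blocked in Step 1
EXPECTED_PROFILE = "WF_Block_Social"                  # profile created in Step 1

# Constructed sample lines (not real logs); field names are assumed.
SAMPLE_LOG = '''\
date=2025-01-10 time=09:15:02 type="utm" subtype="webfilter" eventtype="urlfilter" srcip=192.168.1.25 hostname="www.youtube.com" profile="WF_Block_Social" action="blocked" msg="URL was blocked because it is in the URL filter list"
date=2025-01-10 time=09:15:40 type="utm" subtype="webfilter" eventtype="urlfilter" srcip=192.168.1.31 hostname="www.youtube.com" profile="default" action="passthrough" msg="URL was allowed"
date=2025-01-10 time=09:16:05 type="utm" subtype="app-ctrl" srcip=192.168.1.25 app="BitTorrent" action="block"
date=2025-01-10 time=09:17:11 type="utm" subtype="webfilter" eventtype="urlfilter" srcip=10.0.0.8 hostname="www.youtube.com" profile="default" action="passthrough" msg="URL was allowed"
'''

def parse_line(line):
    """Split one key=value log line into a dict; quoted values may contain spaces."""
    return dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)

def audit_webfilter(log_text):
    """Return (blocked, leaks) for Inside-host requests to BLOCKED_HOST.

    A leak is a request that was not blocked by EXPECTED_PROFILE, for example
    because the session matched a different policy without the profile."""
    blocked, leaks = [], []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("subtype") != "webfilter" or rec.get("hostname") != BLOCKED_HOST:
            continue
        try:
            src = ipaddress.ip_address(rec.get("srcip", ""))
        except ValueError:
            continue  # malformed or missing source address
        if src not in INSIDE_NET:
            continue  # not traffic from the Inside network
        ok = rec.get("action") == "blocked" and rec.get("profile") == EXPECTED_PROFILE
        (blocked if ok else leaks).append((rec.get("time"), str(src), rec.get("profile")))
    return blocked, leaks

if __name__ == "__main__":
    blocked, leaks = audit_webfilter(SAMPLE_LOG)
    print(f"blocked: {len(blocked)}, leaks: {len(leaks)}")
    for when, src, profile in leaks:
        print(f"NOT BLOCKED {when} {src} profile={profile}")
```
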