Support User Manuals

Fortinet 100A Router User Manual

Open as PDF

of 374

Web filter FortiGuard managed web filtering service

FortiGate-100A Administration Guide 01-28007-0068-20041203 317

Category block

You can filter http content by specific categories using the FortiGuard managed web

filtering service.

This section describes:

• FortiGuard managed web filtering service

• Category block configuration options

• Category block reports

• Category block reports options

• Generating a category block report

• Category block CLI configuration

FortiGuard managed web filtering service

FortiGuard is a managed web filtering solution provided by Fortinet. FortiGuard sorts

hundreds of millions of web pages into a wide range of categories that users can

allow, block, or monitor. The FortiGate unit accesses the nearest FortiGuard Service

Point to determine the category of a requested web page and then follows the firewall

policy configured for that user or interface.

FortiGuard categories and ratings

FortiGuard includes over 60 million individual ratings of web sites applying to

hundreds of millions of pages. Pages are rated into 56 categories that users can

allow, block, or monitor. Categories may be added to or updated as the Internet

evolves. Users can also choose to allow, block, or monitor entire groups of categories

to make configuration simpler. Blocked pages are replaced with a message indicating

that the page is not accessible according to the Internet usage policy.

FortiGuard ratings are performed by a combination of proprietary methods including

text analysis, exploitation of the Web structure, and human raters. Users can notify

the FortiGuard Service Points if they feel a web page is not categorized correctly, and

new sites are quickly rated as required.

See “FortiGuard categories” on page 357 for a complete list and description of the

FortiGuard web filter categories.

FortiGuard Service Points

FortiGuard Service Points provide worldwide coverage. By default, the FortiGate unit

will communicate with the closest Service Point. If the Service Point becomes

unreachable for any reason, the FortiGate unit will contact another Service Point and

rating information will be available within seconds. FortiGuard Service Points are

highly scalable and new Service Points are added as required. The FortiGate unit

communicates with the Service Point over UDP on port 8888. You can change the

FortiGuard hostname if required, using the CLI. See “Category block CLI

configuration” on page 320.

previous next