Fortinet black logo

Handbook

FortiGate allowlist

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:594640
Download PDF

FortiGate allowlist

You can enable a feature that gathers a list of reputable domain names that can be excluded from SSL deep inspection. This list is periodically updated and downloaded to FortiGate units through FortiGuard.

Go to Security Profiles > SSL Inspection, enable Exempt from SSL Inspection, and enable Reputable Websites.The reputable websites are rated by FortiGuard. Web Filtering.

CLI syntax:

config firewall ssl-ssh-profile

edit deep-inspection

set whitelist enable

end

end

FortiGate allowlist

You can enable a feature that gathers a list of reputable domain names that can be excluded from SSL deep inspection. This list is periodically updated and downloaded to FortiGate units through FortiGuard.

Go to Security Profiles > SSL Inspection, enable Exempt from SSL Inspection, and enable Reputable Websites.The reputable websites are rated by FortiGuard. Web Filtering.

CLI syntax:

config firewall ssl-ssh-profile

edit deep-inspection

set whitelist enable

end

end