Fortinet white logo
Fortinet white logo

User Guide

Configuring application control

Configuring application control

To configure application control:
  1. Go to Security > Firewall Objects.
  2. Select Application Control from the Security Profiles dropdown.
  3. Click Create or select an existing profile from the list and click Edit.
  4. In the form, enter the following information:

    Settings

    Guidelines

    Name

    Required. Enter a name for the application control.

    Comments

    Enter comments about the application control.

    Category

    For each category, select from the following actions:

    • Monitor (default)

    • Allow

    • Block

    • Quarantine: Enter the quarantine duration, and click Save.

    • Traffic Shaping: Select Shaper and Shaper Reverse, and click Save.

    • Reset

    Application and Filter Overrides

    Select Create to create application and filter overrides.

    To edit application and filter overrides, select an application and filter overrides from the list and then select Edit.

    When editing an application and filter overrides, the fields are the same as when creating it.

    Use the Search bar to look for overrides.

    To edit application and filter overrides:

    Settings

    Guidelines

    Type

    Select either Application (default) or Filter.

    Note: When the Type is Application, you can select preconfigured signatures from the list, select Use selected signatures, and click Save.

    Use the Search bar to look for signatures.

    Action

    From the dropdown, select an action:

    • Monitor (default)

    • Allow

    • Block

    • Quarantine: Enter the duration of the quarantine, and click Save.

    • Traffic Shaping: Select Shaper and Shaper Reverse, and click Save.
    • Reset

    Category

    Select a category or select Category to select all options.

    Note: This option is only available when the Type is Filter.

    Popularity

    Order of popularity.

    Note: This option is only available when the Type is Filter.

    Technology

    Select a technology or select Technology to select all options.

    Note: This option is only available when the Type is Filter.

    Behavior

    Select a behavior or select Behavior to select all options.

    Note: This option is only available when the Type is Filter.

    Vendor

    Select a vendor or select Vendor to select all options.

    Note: This option is only available when the Type is Filter.

    Protocols

    Select a protocol select Protocol to select all options.

    Note: This option is only available when the Type is Filter.

    Risk

    Select risk level or select Risk to select all options.

    Note: This option is only available when the Type is Filter.

    Click Save to save overrides.

  5. Configure Options:

  6. Settings

    Guidelines

    Deep Inspection of Cloud Application

    Enable or disable deep inspection of cloud applications.

    Allow and Log DNS Traffic

    Enable or disable allowing and logging DNS traffic.

    Replacement Messages for HTTP-based Applications

    Enable or disable replacement messages for HTTP-based applications.

  7. Click Save to save the application control.

Configuring application control

Configuring application control

To configure application control:
  1. Go to Security > Firewall Objects.
  2. Select Application Control from the Security Profiles dropdown.
  3. Click Create or select an existing profile from the list and click Edit.
  4. In the form, enter the following information:

    Settings

    Guidelines

    Name

    Required. Enter a name for the application control.

    Comments

    Enter comments about the application control.

    Category

    For each category, select from the following actions:

    • Monitor (default)

    • Allow

    • Block

    • Quarantine: Enter the quarantine duration, and click Save.

    • Traffic Shaping: Select Shaper and Shaper Reverse, and click Save.

    • Reset

    Application and Filter Overrides

    Select Create to create application and filter overrides.

    To edit application and filter overrides, select an application and filter overrides from the list and then select Edit.

    When editing an application and filter overrides, the fields are the same as when creating it.

    Use the Search bar to look for overrides.

    To edit application and filter overrides:

    Settings

    Guidelines

    Type

    Select either Application (default) or Filter.

    Note: When the Type is Application, you can select preconfigured signatures from the list, select Use selected signatures, and click Save.

    Use the Search bar to look for signatures.

    Action

    From the dropdown, select an action:

    • Monitor (default)

    • Allow

    • Block

    • Quarantine: Enter the duration of the quarantine, and click Save.

    • Traffic Shaping: Select Shaper and Shaper Reverse, and click Save.
    • Reset

    Category

    Select a category or select Category to select all options.

    Note: This option is only available when the Type is Filter.

    Popularity

    Order of popularity.

    Note: This option is only available when the Type is Filter.

    Technology

    Select a technology or select Technology to select all options.

    Note: This option is only available when the Type is Filter.

    Behavior

    Select a behavior or select Behavior to select all options.

    Note: This option is only available when the Type is Filter.

    Vendor

    Select a vendor or select Vendor to select all options.

    Note: This option is only available when the Type is Filter.

    Protocols

    Select a protocol select Protocol to select all options.

    Note: This option is only available when the Type is Filter.

    Risk

    Select risk level or select Risk to select all options.

    Note: This option is only available when the Type is Filter.

    Click Save to save overrides.

  5. Configure Options:

  6. Settings

    Guidelines

    Deep Inspection of Cloud Application

    Enable or disable deep inspection of cloud applications.

    Allow and Log DNS Traffic

    Enable or disable allowing and logging DNS traffic.

    Replacement Messages for HTTP-based Applications

    Enable or disable replacement messages for HTTP-based applications.

  7. Click Save to save the application control.