Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiSASE Administration Guide

    Applying an external feed

    Applying an external feed

    To apply an external host feed:

    You can use an external host feed as the source or destination for a traffic or secure web gateway policy for secure internet access (SIA) and secure private access traffic (SPA).

    1. Do one of the following:
      • Go to Configuration > Policies.
      • Go to Configuration > SWG Policies.
    2. Select the desired policy, then click Edit.
    3. In the Source/Destination field, click Specify.
    4. From the Select Entries slide in, select the required external feed under External threat feeds. Click Close.
    5. Specify the policy action as Accept or Deny as per your need.
    6. Click OK.
    To apply a DNS filter domain feed:

    You can use a DNS filter domain feed as a domain feed category in DNS Filter.

    1. Go to Configuration > Security. Select the appropriate Profile Group from the dropdown in the top right corner.
    2. Go to DNS Filter and click Customize.
    3. In the slide in, a Domain feeds category appears under FortiGuard Category Based Filter, which shows all the configured DNS filter domain feeds. Click the required DNS filter domain feed and select the appropriate action:

      Action

      The DNS request is...

      Security log generated under Analytics > Security > DNS Filter?

      Allow

      Allowed to pass

      No

      Monitor

      Allowed to pass

      Yes

      Redirect to Block Portal

      Blocked. Returns a FortiGuard block page

      Yes

    4. Click OK.
    5. Do one of the following under Internet Access (SIA) or Private Access (SPA):
      • For agent-based users, go to Configuration > Policies.
      • For agentless users, go to Configuration > SWG Policies.
    6. Select the required policy and click Edit.
    7. In the Profile Group field, select the profile group that has DNS filter domain feed configured
    8. Click OK.
    To apply a web filter FQDN feed:

    You can use a web filter FQDN feed as a web filter FQDN feed category.

    1. Go to Configuration > Security. Select the appropriate Profile Group from the dropdown in the top right corner.
    2. Go to Web Filter With Inline-CASB and click Customize.
    3. In the slide in, a FQDN feeds category appears under FortiGuard Category Based Filter, which shows all the configured Web filter FQDN feeds. Click the required FQDN feed and select the appropriate action:

      Action

      Description

      Allow

      Permit access to websites in the .

      Monitor

      Permit and log access to websites in the category.

      Block

      Prevent access to websites in the category. Users trying to access a blocked site see a replacement message indicating that FortiSASE blocks the site.

      Warning

      Display a message to the user allowing them to continue if they choose.

      Disable

      Remove the category from the from the web filter profile.

      This option is only available for local or remote categories from the right-click menu.

    4. Click OK.
    5. Do one of the following under Internet Access (SIA) or Private Access (SPA):
      • For agent-based users, go to Configuration > Policies.
      • For agentless users, go to Configuration > SWG Policies.
    6. Select the required policy and click Edit.
    7. In the Profile Group field, select the profile group that has Web filter FQDN feed configured.
    8. Click OK.
    Previous
    Next

    Applying an external feed

    Applying an external feed

    To apply an external host feed:

    You can use an external host feed as the source or destination for a traffic or secure web gateway policy for secure internet access (SIA) and secure private access traffic (SPA).

    1. Do one of the following:
      • Go to Configuration > Policies.
      • Go to Configuration > SWG Policies.
    2. Select the desired policy, then click Edit.
    3. In the Source/Destination field, click Specify.
    4. From the Select Entries slide in, select the required external feed under External threat feeds. Click Close.
    5. Specify the policy action as Accept or Deny as per your need.
    6. Click OK.
    To apply a DNS filter domain feed:

    You can use a DNS filter domain feed as a domain feed category in DNS Filter.

    1. Go to Configuration > Security. Select the appropriate Profile Group from the dropdown in the top right corner.
    2. Go to DNS Filter and click Customize.
    3. In the slide in, a Domain feeds category appears under FortiGuard Category Based Filter, which shows all the configured DNS filter domain feeds. Click the required DNS filter domain feed and select the appropriate action:

      Action

      The DNS request is...

      Security log generated under Analytics > Security > DNS Filter?

      Allow

      Allowed to pass

      No

      Monitor

      Allowed to pass

      Yes

      Redirect to Block Portal

      Blocked. Returns a FortiGuard block page

      Yes

    4. Click OK.
    5. Do one of the following under Internet Access (SIA) or Private Access (SPA):
      • For agent-based users, go to Configuration > Policies.
      • For agentless users, go to Configuration > SWG Policies.
    6. Select the required policy and click Edit.
    7. In the Profile Group field, select the profile group that has DNS filter domain feed configured
    8. Click OK.
    To apply a web filter FQDN feed:

    You can use a web filter FQDN feed as a web filter FQDN feed category.

    1. Go to Configuration > Security. Select the appropriate Profile Group from the dropdown in the top right corner.
    2. Go to Web Filter With Inline-CASB and click Customize.
    3. In the slide in, a FQDN feeds category appears under FortiGuard Category Based Filter, which shows all the configured Web filter FQDN feeds. Click the required FQDN feed and select the appropriate action:

      Action

      Description

      Allow

      Permit access to websites in the .

      Monitor

      Permit and log access to websites in the category.

      Block

      Prevent access to websites in the category. Users trying to access a blocked site see a replacement message indicating that FortiSASE blocks the site.

      Warning

      Display a message to the user allowing them to continue if they choose.

      Disable

      Remove the category from the from the web filter profile.

      This option is only available for local or remote categories from the right-click menu.

    4. Click OK.
    5. Do one of the following under Internet Access (SIA) or Private Access (SPA):
      • For agent-based users, go to Configuration > Policies.
      • For agentless users, go to Configuration > SWG Policies.
    6. Select the required policy and click Edit.
    7. In the Profile Group field, select the profile group that has Web filter FQDN feed configured.
    8. Click OK.
    Previous
    Next