Measures reported by FgFnWebFltrReqTest

You can control web content by blocking access to web pages containing specific words or patterns. This helps to prevent access to pages with questionable material. You can also add words, phrases, patterns, wild cards and Perl regular expressions to match content on web pages. You can add multiple web content filter lists and then select the best web content filter list for each web filter profile.

Enabling web content filtering involves three separate parts of the FortiGate configuration.

• The security policy allows certain network traffic based on the sender, receiver, interface, traffic type, and time of day.

• The web filter profile specifies what sort of web filtering is applied.

• The web content filter list contains blocked and exempt patterns.

The web content filter feature scans the content of every web page that is accepted by a security policy. The system administrator can specify banned words and phrases and attach a numerical value, or score, to the importance of those words and phrases. When the web content filter scan detects banned content, it adds the scores of banned words and phrases in the page. If the sum is higher than a threshold set in the web filter profile, the FortiGate unit blocks the page.

By closely monitoring the target environment guarded by the FortiGate firewall, administrators can actually figure out the health of the web content filter of the firewall. The number of HTTP/HTTPS requests examined, allowed and blocked helps administrators figure out the efficiency of the web content filter. The higher the ratio of the HTTP requests blocked indicates that the firewall is put to the maximum use in the target environment by the administrators to prevent malicious attacks, unwanted browsing under check and maintain optimal utilization of the resources in the target environment.

Outputs of the test : One set of results for the target firewall being monitored.

The measures made by this test are as follows: