Enforcing Safe Browsing and Application Usage
Introduction
FortiGate's security profiles offer comprehensive inspection and management of web traffic and applications, going beyond simple firewall rules. Firewall policies decide which connections are permitted, while Web Filtering and Application Control make sure that the permitted traffic is appropriate and safe.
By classifying and blocking undesirable or hazardous websites, web filtering helps shield users from unsafe content, phishing attempts, and malicious websites. Application Control, on the other hand, identifies and controls application traffic at a fine-grained level, giving administrators the ability to restrict bandwidth-intensive services, prioritize business-critical apps, and block dangerous apps.
I set up security profiles during this stage to regulate network application usage and enforce safe surfing practices. I increased network efficiency, decreased user vulnerability, and reinforced user protection by implementing these profiles into firewall policies.
What is a Security Profile?
In network security systems, security profiles are configurations that specify how traffic is examined and controlled. To enforce security regulations and defend against threats, they incorporate capabilities like intrusion prevention, web filtering, application control, and antivirus scanning.
Enforcing safe browsing and controlling application usage are crucial security measures that safeguard networks from threats and guarantee compliance. These profiles include web filtering and application management.
What is web filtering?
Web filtering is a security feature that limits or regulates access to particular websites or content categories, lowering the risk of cyber attacks and assisting users in avoiding inappropriate or dangerous content. Web filtering is meant to define what a user can or cannot do on a particular organization's network.
A firewall comes with three rules or policies by default: one to monitor all visited URLs, another to monitor Wi-Fi traffic, and the default one. The three default rules or policies commonly found in firewalls are:
- Allow Established/Related Traffic: Permits traffic that is part of an already established connection.
- Deny All Traffic: Blocks all traffic that does not match any other rule, serving as a security baseline.
- Log Traffic: Logs information about traffic for monitoring and analysis purposes.
Configuring web filtering
FortiGuard web filtering: Category-Based Filter
*How to set up a new web filtering policy*
Adding the new web filtering policy to the security profile
Testing web filtering
Event simulation on web filtering
Enabling application control
Choosing the application signature → Application control → Application and filter Overrides → Turn on the firewall policy's application control → Application control simulation
Application and filter Overrides
Selecting the application signature
Enable the application control on firewall policy
Conclusion
The capabilities of the firewall were extended on Day 6 from just permitting or rejecting traffic to intelligently regulating its quality and security. Through the configuration of Web Filtering and Application Control, I implemented regulations that shield users from damaging information, minimize their exposure to malware and phishing, and maximize bandwidth for apps that are essential to the operation of the business. By taking this step, network hygiene was improved overall, and administrators gained more exact control over how users interact with apps and the internet.
Success Goal Achieved
- Successfully developed and implemented web filtering rules to limit undesirable or dangerous website categories.
- Application control profiles were enabled to limit bandwidth-intensive or high-risk apps and govern application usage.
- To guarantee real-time enforcement, these functionalities were incorporated into firewall policies.
- By evaluating traffic behavior against the policies and simulating events, the settings were confirmed.
- Improved user security, adherence to regulations, and effective use of network resources.
Lessons Learned
- **Firewall policies are not enough:** adding security profiles provides deeper visibility and enforcement at the content and application level.
- Web filtering categories matter: choosing the right categories avoids overblocking legitimate sites while still protecting against risks.
- Application signatures are dynamic: keeping them updated is crucial since apps frequently change behavior and traffic patterns.
- User experience vs. security balance: strict filtering improves safety but can frustrate users; careful tuning is essential.
- Layered security is key: when combined with NAT, firewall rules, and logging, profiles create a defense-in-depth strategy.
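
To support the category tuning and overblocking lessons above, this added example (not part of the original post) tallies blocked web filter events per category and flags blocks on hostnames the business expects to reach. The log lines are constructed samples in FortiOS-style key=value format; the field names (`subtype`, `action`, `catdesc`, `hostname`), the profile name `wf-lab` and the allowlist are assumptions for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines (not real traffic); field names are assumed to
# follow the FortiOS key=value log layout.
SAMPLE_LOGS = """\
date=2025-01-10 time=09:01:12 type="utm" subtype="webfilter" srcip=10.0.1.20 hostname="login.bad.example" profile="wf-lab" action="blocked" catdesc="Phishing"
date=2025-01-10 time=09:03:40 type="utm" subtype="webfilter" srcip=10.0.1.21 hostname="files.partner.example" profile="wf-lab" action="blocked" catdesc="File Sharing and Storage"
date=2025-01-10 time=09:04:02 type="utm" subtype="webfilter" srcip=10.0.1.22 hostname="files.partner.example" profile="wf-lab" action="blocked" catdesc="File Sharing and Storage"
date=2025-01-10 time=09:05:18 type="utm" subtype="webfilter" srcip=10.0.1.20 hostname="intranet.example" profile="wf-lab" action="passthrough" catdesc="Information Technology"
date=2025-01-10 time=09:06:55 type="utm" subtype="app-ctrl" srcip=10.0.1.23 app="BitTorrent" appcat="P2P" action="block"
""".splitlines()

# A value is either a quoted string (may contain spaces) or a bare token.
PAIR = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_line(line):
    """Turn one key=value log line into a dict, stripping surrounding quotes."""
    return {key: value.strip('"') for key, value in PAIR.findall(line)}

def summarize_blocks(lines):
    """Count blocked web filter events per category and per hostname within it."""
    by_category = Counter()
    hosts = defaultdict(Counter)
    for line in lines:
        event = parse_line(line)
        # Ignore application control events and web requests that were allowed.
        if event.get("subtype") != "webfilter" or event.get("action") != "blocked":
            continue
        category = event.get("catdesc", "unknown")
        by_category[category] += 1
        hosts[category][event.get("hostname", "unknown")] += 1
    return by_category, hosts

def overblock_candidates(hosts, allowlist):
    """Return (category, hostname, count) for blocked hosts under an expected domain."""
    def expected(host):
        return any(host == d or host.endswith("." + d) for d in allowlist)
    return sorted((cat, host, n) for cat, per_host in hosts.items()
                  for host, n in per_host.items() if expected(host))

if __name__ == "__main__":
    categories, hosts = summarize_blocks(SAMPLE_LOGS)
    for category, count in categories.most_common():
        print(f"{count:3d}  {category}")
    # Hypothetical list of domains the business needs to reach.
    for cat, host, n in overblock_candidates(hosts, {"partner.example"}):
        print(f"review: {host} blocked {n}x under '{cat}'")
```

A hit in the review list is a prompt to add a URL filter exemption or adjust the category action, not proof that the block was wrong.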