Fortinet NSE4_FGT-7.2 — FortiGate Firewall — Section 1: FortiGate Firewall V6.4 1 Part 29
39. Lecture-39: Security Profile Application Control.
It means anything like Facebook is implication, Twitter application, Facebook status and other application fees will call what is recorded in chat rooms and other application content, which will be really was EIDO or streaming. Those are separate application.
So, in firewall, these college application and Next-Generation Firewall ID, and this is the ability of the next generation firewall to recognize and stop and allow and control their traffic based on application. And here’s a good thing. Let me give you one that I want to allow Facebook, but I want to stop it. Yes, it’s possible through Next-Generation Firewall.
So, this is an application control. You can control the application. Okay, using application control profi. You can go in the rice, you can buy your application, not by default, not by brutal all. As I give an example, normally we are using Facebook. That’s why I’m giving you an example of Facebook and Facebook giving you a login. There is a charity from as well. There is a file uploading as well there. And when you put your messaging, I don’t know what is there that can be content in your time.
So, you can say that Facebook is allowed, but nobody can watch the video knocking, but you do the chart so you can control them by implication, control.
So, this is called application control.
So, again, we will use the same technology. Okay, is my Internet system, which is connected and is the firewall and we are connected with an interface. I’m sorry.
So, what do we can do, let’s go to an application control, here is the application control. Again, there are three different. Already created for us blockaders, it will only wireless communication will be Diffa, one which not only to monitor only and monitor. We know it will generate logs, but it will never stop them. And the third one is for Wi-Fi. Again, you can loan them, you can enter them and you can deliver them. And you can search and reference I mean, this one is used somewhere. But let’s create our own one, so I say application control. And here I will say. And control room for not giving them this name, you can dial tone comments if you want. These are the category being defined category they held. One point, one is blood money, the veterans and all those kind of communication and all those records seem to be. Jim. And this you can basically you can see from here, I mean, this is one into the model. This means yellow know, and this one is blocked and this means Warrandyte and meet. But sometimes it will keep them, we call them quarantine.
So, these are very difficult to get to Guinea. Proxy is blood, and what is unknown implication is allowed the plan and everything is monitored only it means that the father on his which is showing here is not one. Suppose, if you want to, this social media, social media, I mean, there are so many things coming under the scrutiny. If you want to see this, you mentioned these are social media implication. The one which we normally, you know, linked our Facebook.
So, Facebook. Twitter. You know, and I’ve been one is I think Shillington is also coming under this one. Yes.
So, these three know we know this way and just need to show you, these are the application. Look at and Facebook. If I see if Facebook is not one application of the whole application, like a button personal blogging search, what a place. Okay, and then download upload everything you can control and everything. Instagram is also coming under this category, so this is social media, one one six application is the year and 31 is cloud based application. This is the cloud is the sign that cloud is showing you, and these are once this number means that there are one one six implication in social media, one in search of privacy and for the in St. Cloud Iot. And I mean, these all will be monitored and this one is means to block them and this green means in our.
So, suppose we want to blog social media for randomisation, click on this issue, so this is a monitor in our blog, Quarantine Room. The signature and replug signature is Signature Me, the application, which you want to see that you want to see the list of one one six application. Anyway, I see black. I don’t need social media implication and okay, so my. Application profile is a water policy, an object. And we’ll do a on a new. Okay, remove this one, because we want to properly test implication, control and choose the one which we created and apply. Okay.
So, before Facebook was even if we asked them again, it has to be stopped. And also Twitter and also the other implication, which we say on LinkedIn.
So, the message there for the control implication is being blocked because you’re dealing with social media and nothing is known if you want nothing more. And I told you this, the application control. And if you want to modify the system, replacement messages, this time replacement messages related to application control.
So, implication control is certain extended. This one is a bit.
So, search here.
So, this is a publication controlled blog page, if I click this one, so you will see their message, the one which is mentioned here, look, let me change this one so that we can see this can be on.
So, let me go to. Okay, if is coming to Sochi, it is difficult to listen to it or I don’t know which you it is this time, so I need to search this to next year. MINIFY Yes, okay, here are doing this one application control. I’m here in B.C. just to show you and refresh this one. It will be for the year duplication, ABC told me this working this minute, taking from the air, which I told you yesterday in the sand will be Facebook, Facebook, LinkedIn and those will be blog. Another one is Twitter. Let’s start on Twitter as well. Peter is the meantime from here.
So, it will give you the same message, also Instagram. Okay, and Twitters or. Okay, again, Twitter. Okay, so it’s not reasonable in some cases for democracy, but sometimes it will show you the remainder properly and Instagram is also coming under this category again. It will show you this this Bienstock.
So, it’s not reachable and we can verify this one or two logs and report and there is an application going to look at this one under logs and report application control, it will show you the reason.
So, Instagram is being blocked, but it was not showing properly. I told you to do to certificate and also LinkedIn was only working on this one is working properly. And I think it was not working properly. But anyway, it will show you here.
So, Instagram, Twitter has been blocked, Instagram is blocked. Okay, and these are the Asian who say this one under logs and report application control, told me this one. The implication is being blunt. Because we apply this rule here. Okay, and also you can really from forwarding traffic as well.
So, instead, Twitter is being blocked by UTM Block or guarantee nineteen ninety nine 14 and also I don’t know because they’re just changing it.
So, it was somewhere here is the implication control and this new one, the little changes.
So, I need to search that one. Is the important related, by the way. And also the implication I don’t know what will show here, announcing the new one.
So, it’s showing me is this time.
So, these are the implications which we assist them Twitter, LinkedIn, Instagram and Google.
So, these are called implication and these are the risk factor in everyone like Twitter is coming under social media and these are being roughly three aces from last one on your game, changing to twenty four and such and make them bigger and so on and off transition. You’ll get to see one decision which created.
So, we’ve done one thing, application control, but we you use the different category.
So, let’s go back to security and mobile application control. Click on your own, which you created on one and say that I don’t need this one. Click on one end to remove it this year degree. Let’s go down this network protocol enforcement. What is network protocol enforcement, if I remember you can in the protocol, has to use. Okay, no, if I click, click and number 18 to impose enforcement, I said then ETP has to work on that. I’m on board 80 information to block them. Another one, I adore them there, four, four, three is better than HHTTP, as if it’s coming from any other bore, no blood on them. And I. Okay. But we can fix them.
So, let me do another EXPE and change the board. No, I have another XP XP outside and let me put this, XP is outside. I just told you, just change the interface so it will become outside. It’s not outside. And on.
So, my 40 year old has two interfaces named as the old saying, and Lindsay Lohan is the insert.
So, I want to be outside and this I will build the new XP in this subnet and I will be inserted in this statement.
So, this is just like outside one system for me, like a Google and Facebook or whatever, here I will enable you to be okay, let me see the IP address first, which I’d be willing to sign because I started using one one for IP this my Sony. Outside we do this, the outside one one four.
So, let me check my IFB so we have to assign. Changes are to be the main them. Do you find one more dynamic, though, statistically, one nine two one six one one four, the supposed 150 and 190 to 160 and one on one for what is also range one three three is the gateway. And this the day it is the.
So, this become like external system for me and I also I will be reaching from inside, let me try them. Being 192 168 one one four to one designed this one, so, yes, I’m reachable.
So, um, external expe, let me inaudible sorry we expe. This one, Zimm, server. And configure them, so with the IP click here and this is our IP 150. Let me use their board first, it will start.
So, any more info for free is the reward board for Ripsaw from inside EXPE, let me access this IP one to two one sixty eight one one four north one with someone who will be accessible. This, this is what. Five.
So, it allowed me for a while, because if I say, okay, no issue, because the server you are accessing, it should be there using port authority. And this is true. And most importantly, let me change it. Apology and I will say use for immediately rather than 80. Stop and start now. I changed my number to if I drive from XP for. What do you want to say, because you changed the board, so you have the board and the 80 still okay? It doesn’t do me so let me copy them. And is because sometimes stinging taking from history. Okay, so it’s accessible. Why do I need to go big? I need to check why is allowed on. Not under the radar. Okay, so let’s go to application control, the application profile which we created focused on one object. I did not. Okay, yes. If I simulation, I got to stop them HHTTP for some reason, I don’t know why they did not stop them HHTTP, I don’t remember if HHTTP is using any other form besides.
So, allowing them to buy them in, everything is okay. Nothing is let me know what you guess it has to stop them. And I let you play this one year to double check.
So, would his dream engineer.
So, let me try again by the media has allowed you the ball, which you are not destined for.
So, I told them we would only know this one. And they have to give you a message, a warning message that in this form. But unfortunately, for some reason. Okay, why only thing is this not working for me? Now, let me show you here if I done it here. Okay. Standard four day, five minute. I didn’t even really hear it shouldn’t be here, but it will stop you. Let me go back to security profile application control to application control, not only doing application control, but you can do an extra job. One of this is this one. Network protocol enforcement, there are these protocol has to work on these board for I block them for me. But this time I don’t know why I need to interview them. Then let me remove this one now. No need any more. Another thing is your application and filter what right. You can use your custom. These are on the implication. How many obligation to one one nine implication is written here as well? These are the all together application categories, like a Ford share, like go discarded Gmail, dotcom, Yahoo! Dot com, ABC, dot com and all those things is considered as an application, including dot com.
So, we have that much application. Maybe you need to be nice.
Some specific application which is not mentioned in this category. We use this category and this is very interesting to me. Maybe I want to allow Facebook, but I want to start Twitter. Can I do here? No. If I say blogger to blog every social media, let me know. But here I can do my own thing, so I came here, it said by implication out of fear that you want to apply your own freedom either by implication, you want to select and rejection. You want to take money to just to generate loans. And it will be low in all goodwill and all but no longer generated. Blog. Definitely. And you are to blog them. And what I’m trying to keep them for some time. It will not work when the threshold is reached.
So, they will allow them. For the time being.
So, anything you want to do because blood, we can see that is there, so I will say blood. And on reserve, reaching you and it to show you here.
So, I didn’t hear anything. You’re selling to sell to the island the.
So, let me go to Alan in.
So, it’s up to you. You want to feel that either you want to solutia and remove selection, either because it’s a different altogether, I don’t want to remove all by the way, I need me said it all and remove it here because I didn’t sell it by mistake. I said to 80.
So, it’s up to you, you can do it one by one here.
So, if I said I want to stop the Facebook related anything subject and sell Facebook. Selling body control in selling because it’s selling, selling. Okay, and baseball, anything related to Facebook I want to start. Okay, up to this point is enough. And when you sell them or get around to selected, so one, two, five, five application is being selected, by the way, is too much. Okay, you know, one day I was elected. Okay. And then all of these implications which you selected, will come here. I think so. I didn’t necessarily mean who big. Just one minute to look them up, I. It was a little bit too much time.
So, I did I did not celebrate that I celebrate too much. I was just showing you Facebook. That’s why I selected a minimum one, because this required more rain to generate.
So, that’s why I let me stop this one. Okay.
So, I am back here is better to do it for freedom is easy. Okay, so let me send it to Facebook. Facebook and such.
So, Facebook application. Okay, this to and is it. Either live in Dubai, it’s better to do it here. Suppose, if I want to do more social media.
Social media. Okay. And now on social media. I need an easy way to do it, to show you. Okay, so social media is indeed in place. Okay. Okay, it change the reality. Oh, my goodness, this is selected by.
So, selling social media. Okay, and let me do Facebook. You can see them and. Selling control to multiple installation, and if you want to more and when you click at the end and with a link to their point. Okay, and press, okay. For some reason why they’re not selecting me if I’m doing something wrong. There should be one more time before we knew how to win or just not be in this new one anyway. We’re going to do it again.
Something. Okay. By the way, you can do filter by popularity as well, by implication category as well by behavior as well.
So, Filter will give you more control if you want to do it by the three, like suppose if I run any risk application. Okay, so you can select this high risk application. And on this, okay? Selected, okay, and okay, so you can sit in my district, okay, this and last time this was too much application.
So, in this way I told them location, these are the application and this is my filter. There are two method, I assure you. By the way, if I deliver this one and this one, if I do it again, to do when one is by implication, the other is filtering filter is nothing, but it will filter then. Do you like your deden by any popularity and technology, anything you can choose them. By implication you have to choose an aide, so it’s up to you.
So, if I see a Facebook. Okay, and let me er selector and er selecter, it was before I was searching for this one. Now you can select many and just say and to select and if you are using by implication. Okay, is this enough nine Stonnington here, I selected nine of these implication, I want to plug them in, okay? It will come here.
So, this is by implication and then other is filter. If you want to feel the implication of failure here and which thing you are like a martinet cloud, this is my behavior and this one is by implication category. And this is a popularity. I suppose we need high risk implication. I want to stop on high risk implication.
So, I choose. This risk application and okay.
Sort of two things we can do it by implication and by extension is blood.
So, this is the one which I hate implication and also filter one, right. Was mentioned to name here and now it’s okay. Okay, and. And because it’s your days, if I go back to my EXPE so fully visible within our club. It’s better to show you from here, click on this one, too, it will show you a banner again. If everything is working properly. And also risk implications or risk implication is this one. You remember this one, which we ask them to look at dismantling the 40 year implication, this the risky real sorry yesterday will test them for our witnesses and for the Facebook. Let’s see, so far some reason again, the same issue Facebook is not showing me properly. It has to show the same banner like this one. And we fight implication, control all the laws and report and the application control, it will tell you about Facebook and their website.
So, Facebook is a blog where for some reason it’s not showing media. And also this Web site, this is coming under. A risky application because we choose to things the risky application and application, we choose Facebook.
So, that’s why issuing the blah blah of this one and also this Web site, which we listen to each of you, what would you do? This coming at the risk which this one. The status category and all the details mentioned here. Okay, so let’s go back to security profile application. What else we can do with this application agent so they help you define category we can block and of those we can in our law enforcement and we have our own little mini in them, we don’t need to test them. Then there is block implication directed unamplified to get their thing, the one which was that was it will be enforced not to block this one is block application to a non.
So, I need to on the EXPE again, which I was showing you, the Sambit is now. By the way, this one is this one is different one I told them they always should be. It has to be enforced to work on those four, but it will be another dismal. But this one has black implication director unamplified for which I was talking about. And this one allowing logged different definitely will be lost. Okay, and what is Grynch is basically a protocol, a new protocol in browser. You know, normally, I mean, something is not working. This is for you trophy. Okay, so we are coming here and deny you allowed them. It is a. Anyway, it’s somewhere I need to find out in. Frank. Oh, you can say there is one place where we can go there to Great. Let me start you I don’t know why I did all the things on Drivetime. Greg. And we’ll hear from.
So, bring UDP Internet connection is an experimental a whole lot of money when your approach is not working and any other thing.
So, you have to come here and disable this one the same way you’ve done in our organization as well. Our proxy was viewing issues, so we went there. And you can enable here means you have to go this way and you will find the protocol somewhere, which you didn’t mention here.
So, if I say here.
So, that’s why this nomination, December. Because I do the ideology disabled in all our organization, our proxy war, something you shouldn’t be taking this to me to disable this then if you want the proceed properly.
So, then we use a scalpel to disable in our organization anyway.
So, that’s why it’s mentioned here as well. Where was this one? To another blog, so you can do the same job from you, Europe, while lesbian and definitely replacement may be implication their replacement, which is, as I told you, it has to be EPB is the last thing which I need to fill the black application due to a non defined form, which I was looking at more.
So, I remove everything, only enable this one and all the last thing to show you.
So, now let me enable this one and start.
So, it would be it will not work. Before it was working. Okay, and what was the IP address? We want a fair deal.
So, if I play, okay is again coming, why let me do it like this way? For some reason why I don’t know why is not liking me. Okay, let me. Get this one and also blog application. Yes, okay, now to say that for the application blocks your way, because I’m not using standard board, so it mean this tool has to work together here to replace them. I can’t remember who doesn’t them.
So, this one, I say, is to be has to work only on border DNA do to work in four for three. These are the enforcement. None other food historian also told them blog obligational unamplified.
So, I’m using nine different eighty, eighty, eighty. But if I change my old style to the standard one then it will work. Standalone, is it important for this to be? okay, if I say yes and stop and start again. Now is the standard one, and if you want to be inside and try with it, it will work. Yes. And it will show you the result as well here again with the implication control. I mean, the standard for this one is Jordan is the last one before it will be here somewhere. This blood here. The far, if you see the detail and will tell you, then the issue was the important deferred borders use entity, which is Martillo. Because the standard is 85 be we say enforce this one, so it means implication of control, you can do the border enforcement is great for you.
So, let me move to application control. This is the only thing which we can do this while the application control. Okay, from top to bottom, anything, no, let me go here if I missed something for the enforcement. This one which I applaud you and all enforcement, you’ll have to this one and it will not work. Besides Standiford.