Created on 04-29-2016 02:42 PM Edited on 01-30-2024 02:56 AM By Kate_M
Description
Solution
# Custom service object named "QUIC" that matches UDP destination port 443.
# The firewall policy that follows references it by name, so QUIC traffic can
# be matched separately from TCP-based HTTPS.
config firewall service custom
edit "QUIC"
set udp-portrange 443
end
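# Policy matching the "QUIC" service (UDP/443) from lan to wan, for any source,
# any destination, at all times. Its purpose is to block QUIC so that browsers
# fall back to TLS over TCP, which the FortiGate can inspect.
config firewall policy
    # "edit 0" creates a new policy with the next free ID.
    edit 0
        set srcintf "lan"
        set dstintf "wan"
        set srcaddr "all"
        set dstaddr "all"
        set schedule "always"
        set service "QUIC"
        # Stated explicitly so the block does not depend on the default action
        # of a newly created policy.
        set action deny
        # Log every match so blocked QUIC attempts are visible in traffic logs.
        set logtraffic all
    next
end
# NOTE(review): policies are evaluated in sequence order. After creating this
# policy, confirm it sits above any lan-to-wan policy that would otherwise
# accept UDP/443; if it sits below one, QUIC is never blocked.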
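# DLP sensor "content": blocks HTTP GET and POST requests whose content matches
# one of the keyword regular expressions below.
# NOTE(review): this is the DLP sensor syntax shown in the article (created in
# 2016); DLP configuration differs between FortiOS releases, so verify the
# commands against the release in use.
config dlp sensor
    edit "content"
        config filter
            # Filter 1: the whole word "proxy". \b is a word boundary; the
            # backslash is written doubled inside the quoted CLI string.
            edit 1
                set proto http-get http-post
                set filter-by regexp
                set regexp "\\bproxy\\b"
                set action block
            next
            # Filter 2: the whole word "restricted", handled the same way.
            edit 2
                set proto http-get http-post
                set filter-by regexp
                set regexp "\\brestricted\\b"
                set action block
            next
        end
    # The original listing stopped after closing "config filter"; the sensor
    # entry itself must also be closed before the next top-level "config".
    next
end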
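# Attach the "content" DLP sensor and SSL deep inspection to an existing policy.
config firewall policy
    # Replace <ID> with the ID of the policy that carries the users' web
    # traffic (presumably the lan-to-wan accept policy; confirm before use).
    edit <ID>
        set utm-status enable
        set dlp-sensor "content"
        set profile-protocol-options "default"
        # Deep inspection decrypts HTTPS so the DLP sensor can see the request.
        # Clients must trust the CA certificate the FortiGate uses to re-sign
        # server certificates, otherwise browsers show certificate warnings.
        set ssl-ssh-profile "deep-inspection"
        # The source listing had a bare "set" with no option or value at this
        # point; it is omitted because the CLI cannot parse it. Whatever option
        # it originally set is not recoverable from this page.
    next
end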
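SSL deep inspection must be enabled for this configuration to work: Google search runs over HTTPS, so the DLP sensor can only match keywords after the FortiGate has decrypted the request. Blocking QUIC (UDP port 443) forces the browser to fall back to TLS, which the deep-inspection profile can then inspect.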
When attempting to search Google using the configured keywords, the FortiGate will deny access and present the DLP block page.
Related Articles
Technical Note: Disabling / Blocking QUIC Protocol to force Google Chrome to use TLS