Enabling carrier endpoint blocking
To enable carrier endpoint blocking you first need to create a carrier endpoint filter list, and then enable it.
To enable carrier endpoint blocking – web-based manager
- Create a carrier endpoint filter list.
- Go to Security Profiles > MMS Profile.
- Select Create New, or select an existing profile to edit and select Edit.
- Expand MMS Scanning.
- Select one or more types of MMS messaging to enable endpoint blocking on.
- Select the carrier endpoint filter list to use in matching the endpoints to be blocked.
Create a carrier endpoint filter list
A carrier endpoint filter list contains one or more carrier endpoints to match. When used in MMS scanning entries in the filter list that are matched are blocked.
You can configure multiple filter lists for different purposes and groups of clients, such as blocking clients, clients with different levels of service agreements, and clients from other carriers. See Carrier endpoint filter lists configuration settings.
To create a carrier endpoint filter list – web-based manager
- Go to Security Profiles > Carrier Endpoint Filter Lists.
- Select Create New.
- Enter a descriptive name for the filter list, such as blocked_clients or CountryX_clients, and select OK.
- Select Create New to add one or more entries to the list.
- Select OK to return to display the list of filter lists.
Configuring endpoint filter list entries
For each single endpoint or group of endpoints have part of their identifying information in common, you create an entry in the endpoint filter list.
For example a blocked_clients filter list may include entries for single endpoints added as each one needs to be blocked and a group of clients from a country that does not allow certain services.
To configure an endpoint filter list entry – web-based manager
- Select Create New.
- Enter the following information and select OK.
Name | Name of endpoint filter list. Select this name in an MMS protection profile. | |
Comments | Optional description of the endpoint filter list. | |
Check/Uncheck All | Select the check box to enable all endpoint patterns in the MMS filter list.
Clear the check box to disable all entries on the MMS filter list. You can also select or clear individual check boxes to enable or disable individual endpoint patterns. |
|
Pattern | The pattern that FortiOS Carrier uses to match with endpoints. The pattern can be a single endpoint or consist of wildcards or Perl regular expressions that will match more than one endpoint. For more on wildcard and regular expressions, see Using wildcards and Perl regular expressions in the UTM guide. | |
Action | Select the action taken by FortiOS Carrier for messages from a carrier endpoint that matches the endpoint pattern:
None – No action is taken. Block – MMS messages from the endpoint are not delivered and FortiOS Carrier records a log message. Exempt from mass MMS – MMS messages from the endpoint are delivered and are exempt from mass MMS filtering. Mass MMS filtering is configured in MMS protection profiles and is also called MMS Bulk Email Filtering and includes MMS message flood protection and MMS duplicate message detection. A valid use of mass MMS would be when a service provider notifies customers of a system-wide event such as a shutdown. Exempt from all scanning – MMS messages from the endpoint are delivered and are exempt from all MMS protection profile scanning. |
|
Content Archive | MMS messages from the endpoint are delivered, the message content is DLP archived according to MMS DLP archive settings.
Content archiving is also called DLP archiving. |
|
Intercept | MMS messages from the endpoint are delivered. Based on the quarantine configuration, attached files may be removed and quarantined. | |
Pattern Type | The pattern type: Wildcard, Regular Expression, or Single Endpoint. | |
Enable | Select to enable this endpoint filter pattern. | |