FortiOS 6 – Web Filtering

To configure the FortiGuard Web Filter categories

  1. Go to the Edit Web Filter Profile window.
  2. The category groups are listed in a widget. You can expand each category group to view and configure every subcategory individually within the groups. If you change the setting of a category group, all categories within the group inherit the change.
  3. Select the category groups and categories to which you want to apply an action.

To assign an action to a category, left-click the category and select the action from the pop-up menu.

  1. Select Apply or OK.

Apply the web filter profile to an identity-based security policy. All the users subject to that policy are restricted by the quotas.

If you look at your logs carefully, you may notice that not every URL connection in the log shows a category; for some entries the category is left blank. If you take one of those URLs and enter it in the FortiGuard website designed to show the category for a URL, the site will successfully categorize it.

The reason is that, to optimize speed and throughput and to reduce the load on the FortiGuard servers, the FortiGate does not determine a category rating for scripts and CSS files.
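One way to triage the blank-category entries described above, as an added example that is not from the original post or from Fortinet: it separates uncategorized script/CSS requests, which are expected, from other uncategorized URLs that can be checked on the FortiGuard lookup site. The sample lines are constructed, and the field names `url`, `hostname` and `catdesc` are assumptions; adjust them to your log export.

```python
import re
from urllib.parse import urlsplit

# Constructed sample lines in key=value form. The field names (url, hostname,
# catdesc) are assumptions modelled on FortiGate-style logs.
SAMPLE_LOG = '''\
date=2019-03-01 time=10:00:01 srcip=10.0.0.5 hostname="www.example.com" url="/index.html" catdesc="Information Technology"
date=2019-03-01 time=10:00:01 srcip=10.0.0.5 hostname="www.example.com" url="/static/app.min.js?v=3" catdesc=""
date=2019-03-01 time=10:00:02 srcip=10.0.0.5 hostname="www.example.com" url="/static/site.css"
date=2019-03-01 time=10:00:09 srcip=10.0.0.7 hostname="files.example.net" url="/download/tool.exe" catdesc=""
'''

# key=value, where value is either "quoted text" or a run of non-spaces
PAIR = re.compile(r'(\w+)=("([^"]*)"|\S*)')
STATIC_EXT = (".js", ".css")  # file types the FortiGate does not rate


def parse_line(line):
    """Split one key=value log line into a dict, stripping quotes."""
    return {k: (q if raw.startswith('"') else raw)
            for k, raw, q in PAIR.findall(line)}


def uncategorized(log_text):
    """Return (expected, review): blank-category entries split by whether
    the URL path is a script or CSS file."""
    expected, review = [], []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec.get("url") or rec.get("catdesc"):
            continue  # no URL on this line, or it already has a category
        # Ignore the query string when looking at the file extension
        path = urlsplit(rec["url"]).path.lower()
        full = rec.get("hostname", "") + rec["url"]
        (expected if path.endswith(STATIC_EXT) else review).append(full)
    return expected, review


if __name__ == "__main__":
    expected, review = uncategorized(SAMPLE_LOG)
    print("blank category, script/CSS (expected):", expected)
    print("blank category, other (look up manually):", review)
```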

Configuring FortiGuard Category quotas

  1. Go to the Edit Web Filter Profile window
  2. Verify that the categories that need to have quotas on them are set to one of these actions:
    • Monitor
    • Warning
    • Authenticate
  3. Under Category Usage Quota, select Create New or Edit.
  4. In the New/Edit Quota window that pops up, enable or disable the specific categories for that quota.
  5. At the bottom of the widget, select a quota type and daily allowance for each user:
    • Time — can be entered in Hours, Minutes, or Seconds.
    • Traffic — can be entered in Bytes, KB, MB, or GB. The value must be greater than 0.
  6. Select Apply or OK.
  7. Continue with any other configuration in the profile. Select Apply or OK.

Apply the web filter profile to an identity-based security policy. All the users subject to that policy are restricted by the quotas.

The use of FortiGuard Web Filtering quotas requires that users authenticate to gain web access. The quotas are ignored if applied to a security policy in which user authentication is not required.

Editing the web filter profile resets the quota timers for all users.

Configure Allowed Blocked Overrides

  1. Go to the Edit Web Filter Profile window.
  2. Enable Allow Blocked Override.

Configuring web filter profiles

  1. In the Apply to Group(s) field, select the desired User Group.
  2. In the Assign to Profile field, select the desired profile.

Configure search engine

There are 2 primary configuration settings in this section.

Enable SafeSearch

To enable the SafeSearch settings

  1. Go to the Edit Web Filter Profile window.
  2. Enable SafeSearch.
  3. Enable Search Engine SafeSearch.
  4. Enable YouTube Filter.
  5. Enter the YouTube User ID in the Text field.

Log all search keywords

In the GUI, the configuration setting is limited to a checkbox.

Configure static URL filter

Web content filter

To enable the web content filter and set the content block threshold

  1. Go to the Edit Web Filter Profile window.
  2. In the Static URL Filter section enable Web Content Filter.
  3. Select Create New.
  4. Select the Pattern Type.
  5. Enter the content Pattern.
  6. Select the Language from the dropdown menu.
  7. Select Block or Exempt, as required, from the Action
  8. Select Enable.
  9. Select

3 thoughts on “FortiOS 6 – Web Filtering”

    1. Mike Post author

      Back up the config and nitpick through it. Be sure the FortiGates are running the same version of code though!
