Websense Integrated Services Protocol
Websense Integrated Services Protocol (WISP) servers can be used server, which allows the FortiGate to send traffic to the third-party web filtering service for rating and approval checking.
When WISP is enabled, the FortiGate maintains a pool of TCP connections to the WISP server. The TCP connections are used to forward HTTP request information and log information to the WISP server and receive policy decisions.
When a WISP server is used in a web filter profile, in flow or proxy mode, the following web filter scanning priority sequence is used:
- Local URL filter
- Websense web filtering service
- FortiGuard web filtering service
The following example uses a WISP server configured in a flow mode web filter profile.
To use a WISP server in flow mode:
- Configure the WISP servers:
config web-proxy wisp edit "wisp1" set server-ip 10.2.3.4 next edit "wisp2" set server-ip 10.2.3.5 next edit "wisp3" set server-ip 192.168.1.2 next edit "wisp4" set server-ip 192.168.3.4 next end
- Configure the web filter profile:
config webfilter profile edit "webfilter_flowbase" set feature-set flow config ftgd-wf unset options config filters edit 64 set category 64 set action block next end end set wisp enable set wisp-servers "wisp1" "wisp2" set wisp-algorithm {primary-secondary | round-robin | auto-learning} set log-all-url enable next end