2. Create a web lter prole 3. Create an SSL inspection prole 4. Create a security prole with the web lter and SSL proles 5. Results Blocking HTT PS traffc with web fltering Some websites are accessible using http and https protocols, such as YouTube and Facebook. This example steps through how to block https access to these websites using either proxy-based or fow-based web fltering profles. You will need to have your FortiGate licensed for FortiGuard services. FortiGuard HTT PS YouTube Facebook Internet WAN 1 FortiGate Internal Internal Network 30 Go to System > Dashboard > Status. Go to UTM Security Profles > Web Filter > Profle. Select the plus icon in the upper- right corner to create a new profle. Ensure the inspection mode is set to Proxy. You can also set the Inspection Mode to Flow-based or DNS. In the Licence Information widget, verify that the FortiGate unit is connected to the FortiGuard servers. A green check mark should appear next to the services you are subscribed to. Step One: Verify FortiGuard services are enabled Step Two: Create a web flter profle 31 Go to Policy > Policy > SSL/SSH Inspection. Select the plus icon in the upper-right corner to create a new profle and enable only the HTTPS option. Go to Policy > Policy > Policy. Create a new security policy that uses the new SSL/SSH inspection profle and the HTTPS web flter profle. Step Three: Create a SSL Inspection protile Step Four: Create a security profle 32 Results In a web browser, go to https://youtube.com. The web page is blocked and a FortiGate replacement message is put up in its place. Go to UTM Security Profles > Monitor > Web Monitor. Go to System > Admin > Settings. Enable UTM Monitoring in the Display Options on GUI area. If you chose DNS block or redirect, when you visit https://youtube.com, the browser is timing out and there is no block message comes from FortiGuard.