...
A. The Fortigate is the Unified Threat Management system we have from Fortiguard. The Foritgate Fortigate sits in front of all the internet traffic for all of the school districts and organizations we serve and does the network security - from web filtering, virus and malware filtering to more advanced protection features such as IDS, IPS, NAT, packet inspection, and other security features, all in one appliance.
...
A. When websites are first viewed through the Fortigate, it will categorize the page based on existing filters set in place by your school's administration. Obvious controversial website categories, such as pornography and spam, are blocked. Some categories may or may not be blocked, as each district has local flexibility, such as streaming video for websites such as You Tube YouTube and Google Video, and controversial topics (alcohol, weapons, violence, etc). The categories in place are based upon what the administration has deemed acceptable for your district and access privileges to sites may be modified for teachers and students separately. You can find the complete list of Groups and Categories used by the Fortigate here.
...
It also does advanced filtering by IP address, where Fortigate will block addresses known to pump out spam and host attack sites among others. If a specific address was known to have been compromised, or if a student is mirroring restricted content from his home high-speed internet connection (possibly with just an IP address and no DNS name), we can block the traffic without needing a URL or web address. This style of blocking is more of a specific "surgical" method compared to URL blocking, which can blanket multiple IP addresses, however many websites can also be hosted on a single webserverweb server, so that if one has objectionable content, all could be blocked until the IP block is corrected (for instance, most of our school district websites are on a single server IP).
...
A. REMC can be considered a sort of "central broker" for web filtering. Because it's one system that serves 25 separate districts and organizations, all of the filtering requests comes here rather than having filtering requests for each district that redirect to many places. Each district chooses which categories they want blocked, and any particular exceptions (things like: block streaming media, but allow You TubeYouTube, or block games, but allow educational games).
...
A. We understand it can be confusing because of the numerous ways that Fortigate tries to filter and block. It's a dynamic system, so there have been times when it's been wrong and done things like suddenly decided 'google.com' is in the category 'pornography', which further confuses things when things are open one day, closed the next, etc. It's not necessarily a decision to block a site, but generally, the decision to block a particular category, and now the site in question suddenly falls into that category.
Due to the dynamic nature of the internet, a lot of problems arise when a change is made on a website that was not part of Fortiguard's initial survey of the site. Usually, it's a change in IP of the web sites website's server, or of the category it's being rated as, whether that's correct or not. Such incorrect classifications are sent to Fortiguard for review and correction, which generally happens in less than 24 hours.
...
A.When a website is blocked due to it being unrated, it means that the website did not fit into predefined categories of web pages that are on the Fortigate and was hence blocked as a safety precaution with a feature called 'strict blocking'. There are over 80,000 new pornographic websites created each month, so in order to provide the safest environment, unknown websites are generally blocked until they are classified, rather than let unclassified inappropriate sites be viewed. Clicking the 'submit to Fortigate' link will send them the information and get the sites you want to use reviewed and classified quickly. This will ensure your access quicker than just waiting for Fortigate to find the site and classify it on their own, due to the sheer number of websites on the internet: A February 2009 survey of the internet found 215,675,903 web sites websites active with URL's, while as of December 2009 Fortiguard had classified 54,300,591 of them.
Q. Why are unrated sites blocked?
...
We use Fortigate for filtering because we don't have time to classify those 8 new websites every second. Fortigate has a large international database of classified sites (over 47M sites), but not all local sites have been reviewed and classified, so ones that have not fall into the 'unrated' category, just like the 50,000 new porn sites created every month.By filling out the unrated form one time, Fortigate reviews and classifies any site you'd like to visit within a few hours, and then they are properly classified forever after, for all Fortigate users worldwide. Usually, the Fortigate is not incorrectly identifying sites, it's just that because they are small and local vs national/international, they aren't in the system - yet. It's faster and better to get it classified than to use an override, and then you never have to for that site again, and neither do any other teachers or students.
...