Friday, June 11, 2010

How does Fortinet filter web sites ?

I don't know about you, but I have gotten a lot of really bad results from Fortinet's web filtering service; the most recent is in the picture below. The link mentioned goes to a web site that offers the Google Books Downloader app for Macintosh. Even looking at the upper level domain (from a machine outside the reach of Fortinet), there is nothing there that is even remotely racy, much less pornographic.

I wonder who they hire to look at these web sites and rate them? Maybe this site happened to fall into the hands of a Google-hater or Mac-hater for review? I don't know, but my own experience tells me that I were ever in the position to buy such a service, Fortinet would be at the bottom of the list.

One could argue that maybe the web site was hacked and showed porno for a short time and that's why it was rated the way it was. I would counter back that Fortinet has a responsibility not to slander employees of the organizations that use their service. They are a security firm and could, for porno and other "bad" tags, send the web site to a level 2 person before applying the tag. The analysis would go something like this:

1. Did the web site ever have a different rating? If so, it probably deserves a rating like "Hacked" which means that it temporarily goes somewhere "bad" but the person who went there did not intend to go somewhere "bad".

2. If they never saw the web site before, then can they infer anything by looking at the forensics (whois,, does anyone link to them, etc).

3. Then, if they do say it was "Hacked", come back regularly to see if the rating should change.

This lets the organization block "hacked" web sites, while not impugning the reputation of those who innocently go to those web sites.

Seems like something a responsible organization would do. I hope that Fortinet would consider such a course of action for themselves since I believe that they want to do the right thing (proactively try to apply responsible ratings) vs doing the make-a-quick-buck thing (report whatever they want and let the users tell them when they make a mistake, or hide behind "the organization is not supposed to take the ratings literally and should do their own investigation" - like that ever happens).

Update: after reporting the problem to Fortinet, they corrected it in less than an hour. That normally does not happen this quickly when I report errors to them, so maybe it was the fact that I publicly tweeted it to their Twitter address @Fortinet that got them to act quickly (hint for others out there who have rating problems). In either case, I appreciate their quick action, but wish that they acted, in my opinion, in a more responsible manner to start with.


  1. Or maybe its the fact that they really do turn around their web-filter requests that quickly. I love it when people bash companies in order to get more response out of them. It such a mature and respectable thing to do. Let me guess, you're 5'4"?

  2. not quite -- you've obviously never had to deal with them. this was the fourth incident. standard turnaround was 24+ hours. i don't take measures like this unless they are called for. by THEIR actions, they have shown me how to get quick service.

    i'd love it if their response was faster, but their track record is not like that. i will accept that they MAY have fixed all of their slow processes and hired a bunch of new people that care, and that's why they responded quickly today, but i'm not holding my breath. if the next incident proves otherwise, i'll give them their due and say so here.