Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

DeepKuma2
Contributor

Do I need to apply WAF policy to LAN users?

Hi,

I have a simple question. This topic is making me confuse. Is the WAF working as ATP?  Do I need to apply WAF policy to LAN users policy (LAN to WAN)?

 

Regards,

Deepak Kumar

Deepak Kumar First Option General Trading LLC Dubai
Deepak Kumar First Option General Trading LLC Dubai
1 Solution
rmoussa
Contributor

Hi,

WAF usually is meant to protect your webservers. I don't find it useful to use it on your LAN users if this is thr traffic going out of the company. Apply deep isnpection, AV, IPS, Webfilter,Appcontrol and you will be protect.

If you need ATP, integrate with Sandbox.

Rony Moussa

NSE Certified : Level 8

Rony Moussa
Fortinet NSE Certified: Level 8

View solution in original post

Rony MoussaFortinet NSE Certified: Level 8
4 REPLIES 4
Rafael_LEHMANI_FTNT

Hi Deepack,
Fortiweb protects request/respose flows to/from configured pools of servers.
You can configure pools on LAN and/or WAN side.

Rafael Lehmani | Consulting System Engineer | 

rlehmani@fortinet.com

Rafael LEHMANI
DeepKuma2

Hi,

My question was for the LAN users not for the Server. Is it work as ATP? or It is helpful only for server.

 

Regards,

Deepak Kumar

Deepak Kumar First Option General Trading LLC Dubai
Deepak Kumar First Option General Trading LLC Dubai
Rafael_LEHMANI_FTNT

Hi Deepak,
LAN users requests&responses will be protected as soon as they match HTTP(s) Server Pool.
Ping me if you do have a specific use case.
Brgds
Rafael

Rafael Lehmani | Consulting System Engineer | 

Rafael LEHMANI
rmoussa
Contributor

Hi,

WAF usually is meant to protect your webservers. I don't find it useful to use it on your LAN users if this is thr traffic going out of the company. Apply deep isnpection, AV, IPS, Webfilter,Appcontrol and you will be protect.

If you need ATP, integrate with Sandbox.

Rony Moussa

NSE Certified : Level 8

Rony Moussa
Fortinet NSE Certified: Level 8
Rony MoussaFortinet NSE Certified: Level 8