FortiGate
kgeorge
Staff
Article Id 337376
Description

 

This article describes the recommended inspection method for protecting the network environment against Command and Control (C&C) attacks.

 

Scope

 

FortiGate.

 

Solution

 

  • The recommended solution is to use a proxy-based policy.
  • Proxy mode inspection provides the most thorough inspection of traffic, making it ideal for preventing data leaks and malicious content from entering or exiting the network.
  • Proxy mode buffers traffic for inspection and applies security filters such as virus filters, DLP filters, Web Filters, and email filters, which strengthens the security measures in place.

 

  • On the other hand, explicit proxy and transparent proxy are also viable options. However, they may not offer the same level of thorough inspection and security as a proxy-based policy.
  • Explicit proxy allows for more control over web traffic and user authentication, while transparent proxy provides anonymity but may not be as effective as proxy-based policies in detecting and preventing C&C attacks.
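To check an existing deployment against the proxy-based policy recommendation above, the following added example (not part of the original article and not Fortinet code) parses a configuration backup and lists the accept policies that are not in proxy mode. The sample configuration is constructed, and the script assumes that a policy with no `inspection-mode` line is using the default, flow mode.

```python
# Constructed sample in the style of a FortiGate configuration backup.
SAMPLE_CONFIG = """\
config firewall policy
    edit 1
        set name "lan-to-wan"
        set action accept
        set inspection-mode proxy
        set utm-status enable
        set av-profile "default"
    next
    edit 2
        set name "guest-to-wan"
        set action accept
        set utm-status enable
        set webfilter-profile "default"
    next
    edit 3
        set name "block-all"
        set action deny
    next
end
"""

def parse_policies(text):
    """Return {policy_id: {setting: value}} from the 'config firewall policy' table."""
    policies, current, in_table, depth = {}, None, False, 0
    for raw in text.splitlines():
        line = raw.strip()
        if not in_table:
            in_table = (line == "config firewall policy")
        elif line.startswith("config "):
            depth += 1                      # nested sub-table: skip its contents
        elif line == "end":
            if depth == 0:
                break                       # end of the policy table
            depth -= 1
        elif depth == 0 and line.startswith("edit "):
            current = policies.setdefault(line.split(None, 1)[1].strip('"'), {})
        elif depth == 0 and current is not None and line.startswith("set "):
            parts = line.split(None, 2)
            current[parts[1]] = parts[2].strip('"') if len(parts) > 2 else ""
    return policies

def flow_mode_accept_policies(text):
    """IDs of accept policies not in proxy mode (assumption: absent setting = flow)."""
    return [pid for pid, s in parse_policies(text).items()
            if s.get("action") == "accept" and s.get("inspection-mode", "flow") != "proxy"]

if __name__ == "__main__":
    print("Accept policies not using proxy inspection:", flow_mode_accept_policies(SAMPLE_CONFIG))
```

Policies reported by the script are candidates for review; whether each one should be switched to proxy mode depends on the traffic it carries.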

 

Related documents:

Technical Tip: Explicit proxy vs. transparent proxy vs. NGFW proxy-mode

Proxy mode inspection

Inspection mode feature comparison