FortiGate
kjohri
Staff
Article Id 277117
Description

 

This article explains the process of identifying application signatures that require deep inspection.

 

Scope

 

FortiGate, UTM.

 

Solution

 

Option 1:

Application control works best with a deep inspection profile. However, not every application signature requires deep SSL inspection.
Additionally, a banner at the top of the profile indicates whether certain applications require deep inspection.

To identify applications that require deep inspection, search for the specific application in the FortiGuard database at:

https://www.fortiguard.com/appcontrol/


 

In some cases, an application uses both TCP ports 80 and 443. In these specific cases, the FortiGuard Labs page marks SSL Deep Inspection as NO, but the application does need deep inspection.

By convention, the FortiGuard Labs team marks an application as NO when it uses both TCP ports (80 and 443), so it is necessary to enable deep inspection for such applications.

The best way to confirm whether an application needs deep inspection is to check the vendor's website. For example, Dropbox is marked as not requiring deep inspection on the FortiGuard Labs page.

 


 

However, the Dropbox documentation shows that it does need deep inspection.

 

 


Link:

https://help.dropbox.com/installs/configuring-firewall

 

Option 2:
Alternatively, this information can be verified under 'Application Signatures' within the Security Profiles.
Enter the signature name in the search field. A lock icon next to the application signature signifies that deep SSL inspection is required for that signature.



Related documents:

Creating application control profiles
SSL/TLS deep inspection
Technical Tip: How to enable deep inspection and import a certificate in the browser.