FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
AnthonyH
Staff
Staff
Article Id 285731
Description This article describes how to enable or disable UTM's such as Intrusion Prevention, Antivirus, and Application control on the FortiGate.
Scope FortiGate
Solution
  1. Navigate to System -> Feature Visibility.

 

feature visibility.png

 

 

  1. Enable the UTM features:

 

Security Features.png

 

  1. It will now be possible to customize and configure UTMs on the FortiGate:

 

Security profiles.png

 

Important note:

Enabling UTM features in the FortiGate can have advantages, like consistent protection and additional layers of security, etc. also there are some disadvantages, enabling all UTM features can significantly impact the performance of the FortiGate, especially on lower-end models or during periods of high traffic volume. Each UTM feature requires CPU and memory resources to inspect and process traffic, which may lead to latency or reduced throughput.

 

Tip: A warning message displays when any of the UTM Features are enabled on FortiGate.

A warning message that reads 'The no-inspection profile doesn't perform SSL inspections, so it shouldn't be selected with UMT profiles or features that require SSL inspections' appears on FortiGate whenever any UTM feature is enabled and attached to a firewall policy.


Whenever a UTM feature is activated and attached to a policy, FortiGate mandates that the SSL inspection chosen must be either certificate or deep inspection, depending on the needs of the activated UTM feature. Because FortiGate will not perform any SSL inspection and the UTM feature enabled will not work as intended, the warning message 'The no-inspection profile doesn't perform SSL inspections, so it shouldn't be selected with UMT profiles or features that require SSL inspections' advises against choosing the no-inspection profile under SSL inspection.

 

Related articles:

How to configure the UTM Proxy Options (o... - Fortinet Community

Difference between SSL certificate and  and Full Inspection