Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mriswan
Staff
Staff

Created on ‎12-23-2024 10:13 PM Edited on ‎12-23-2024 10:13 PM By Community Manager

Article Id 366347

Technical Tip: Processing Order of UTM Profiles in FortiGate Firewall Policies

Description

 

This article describes the order of processing UTM profiles configured in firewall policies.

 

Scope

 

FortiGate.

 

Solution

 

FortiGate applies the inspection profiles in the following order:

  1. IPS.
  2. Application Control.
  3. VoIP.
  4. DLP.
  5. Antispam.
  6. Web Filtering.
  7. Antivirus.


If the policy inspection mode is flow-based, the IPS engine is responsible for processing the traffic in the below order:
IPS -> Application Control -> Web Filtering -> DLP -> Botnet checking -> AntiVirus.

If the inspection mode is proxy-based, the IPS engine performs IPS, Application Control, and Botnet checking, the rest of the profiles will be handled by a proxy.

 

For a detailed explanation of the packet processing:

Parallel Path Processing

678
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.