bbae
Staff
Article Id 302154
Description This article describes the scanning order for application control.
Scope FortiGate v7.2 and above.
Solution

Application control on FortiGate (IPS engine) inspects incoming traffic for signature matches.

For an application control profile, it scans the traffic for matches in the following order:

  1. Application and filter overrides: If any application overrides or filter overrides are configured, the application control profile considers those first. They are scanned from top to bottom, like firewall policies.

  2. Categories: Finally, the application control profile applies the action configured for the category selected by inspection.


Note: Consider other scans, such as web filtering, even after application control has been applied, because even if the application control verdict is allow, web filtering can still block the traffic.
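The scanning order and the note above, as a simplified Python model. This is an added example, not FortiOS code or configuration. The application names, the behavior-based filter, the first-match reading of "top to bottom", and the default of allow for an unlisted category are all assumptions made for illustration.

```python
# Simplified model of the scanning order described above (added example,
# not FortiOS code). All names and sample values are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class App:
    name: str
    category: str
    behavior: str

@dataclass(frozen=True)
class Override:
    kind: str    # "application" (match by name) or "filter" (match by behavior)
    value: str
    action: str

    def matches(self, app):
        field = app.name if self.kind == "application" else app.behavior
        return field == self.value

def app_control_verdict(app, overrides, category_actions, default="allow"):
    """Return (action, reason): overrides top to bottom, then the category."""
    for index, rule in enumerate(overrides, start=1):
        if rule.matches(app):  # assumption: first match wins, as in a firewall policy
            return rule.action, f"override #{index}"
    return category_actions.get(app.category, default), f"category {app.category}"

def final_verdict(app, overrides, category_actions, web_filter_blocked=False):
    """An allow from application control does not stop web filtering from blocking."""
    action, reason = app_control_verdict(app, overrides, category_actions)
    if action == "allow" and web_filter_blocked:
        return "block", "web filter"
    return action, reason

CATEGORIES = {"Video/Audio": "block", "Collaboration": "allow"}
STREAM = App("ExampleStream", "Video/Audio", "Excessive-Bandwidth")
CHAT = App("ExampleChat", "Collaboration", "None")

# Specific application override placed above a broader filter override.
ORDER_A = [Override("application", "ExampleStream", "allow"),
           Override("filter", "Excessive-Bandwidth", "block")]
# Same entries reversed: the filter override now shadows the application override.
ORDER_B = list(reversed(ORDER_A))

if __name__ == "__main__":
    for label, rules in (("A", ORDER_A), ("B", ORDER_B)):
        print(label, STREAM.name, app_control_verdict(STREAM, rules, CATEGORIES))
    print(CHAT.name, app_control_verdict(CHAT, ORDER_A, CATEGORIES))
    print(STREAM.name, final_verdict(STREAM, ORDER_A, CATEGORIES, web_filter_blocked=True))
```

With the same two overrides, only their order decides whether the streaming application is allowed or blocked, and the category action applies only when no override matches.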
