Will the setup able to inspect the file from client PC to the RDP host? My config will be source "client" destination "jumphost" all UTM turned ON with deep inspection. So my concern if the client has a encrypted malware to be copy into the host, will FGT able inspect and drop the connection/ packet? OR my setup is wrong?
As far as I know RDP/VNC protocols aren't supported yet in utm file inspection (it can be identified as rdp or vnc traffic in application control utm). Data could be encrypted with password or certificate. Can ask TAC support for more details and TAC may file an NFR mantis bug. Dev will investigate if feasible to support (protocol could be very complex), then give time estimation to finish the feature. It is recommended to request new protocols support (as customer feedback) thru TAC support to keep the utm security features upto date . Thanks.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.