Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
shaw38
New Contributor

Created on ‎02-14-2025 01:14 PM

Flow based VS Proxy Based

I know the differences between using flow based vs proxy based.

I recently switched all our profiles and rules over to flow based to see if this was causing slowness in the response times users were seeing. It ended up being a DNS server issue after I took packet captures and saw the DNS queries were getting server failures half the time.

Generally just curious if people are using flow based out there or proxy based in your environments!

router login 192.168.l.l
router login 192.168.l.l
Labels:
164
0 Kudos
1 REPLY 1
AEK
SuperUser
SuperUser

Created on ‎02-15-2025 12:33 AM

Flow based are faster and adapted to most use cases.

Proxy based is mandatory when you use WAF profile or mail filter profile (for incoming traffic), and for advanced features like video filter, safe search and so.

Check this doc:

https://docs.fortinet.com/document/fortigate/6.2.16/cookbook/721410/about-inspection-modes

Note this doc is for FOS 6.2 but basically it is still almost the same.

AEK
AEK
138
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.