Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

How SSL inspection works?


till now I was sure that there are 2 possible modes: 1) certificate inspection (inspects the SSL handshake only) and 2) deep inspection (FG terminate SSL session from WAN side and encrypts packets with FG certificate towards LAN side). Today I'm reading "..Normally Fortigate is used for SSL inspection. It decrypts a copy of a packet in order to scan it, but doesn't actually terminate the SSL session. Instead, it passes along the encrypted packet (if it doesn't violate the security policies)..." - training material "FortiWEB Integrating Front-End SNAT & Load Balancers" page 15.

Hmm... Something new? I'm missed something? A mistake in the material? A new feature which will be in 5.4?  ???

What do you think?


BR, Ramunas

Esteemed Contributor III

Hmmm...specific to FortiWeb? This description does not have to apply to a Fortigate.


"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
New Contributor II

It was talked about FortiGate. The topic is "Should you use FortiWEB or FortiGate for SSL offloading?". May be it is mistake. If I understand correctly, the "man in the middle" can't decrypt SSL traffic (at least without supercomputer)

BR, Ramunas

Top Kudoed Authors