I know that I can check the certificate when I am browsing and see it's secured by the Fortinet certificate. I am mostly interested in seeing, for my own eyes, that its working for my Outlook POP3, IMAP SSL connections as well. I have combed through the logs and do not see anything within the log that it says SSL deep packet inspection is turned on. This can be that hard to show that it's working and make it part of the selling point of the UTM bundle.
Thoughts?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
This doesn't directly answer your specific question, but the way I demonstrate the value of DPI is to set up an Internet access policy with AV enabled and show that with DPI enabled the FortiGate blocks any attempt to download the EICAR antivirus test file over HTTPS. When you flip the policy to normal certificate inspection the EICAR file isn't blocked over HTTPS. This is also a good sanity check to make sure that DPI is properly protecting clients.
Russ
NSE7
Thanks! Good idea!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.