Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Paddy
New Contributor

SSL Deep Inspection

I have a small office.  5 computers, iPad, iPhones, and a Playstation ;) 

 

I am considering using deep inspection so the UTM features are better able to catch stuff.  

 

How difficult is it to deploy?   Just load certificates on everything?

2 REPLIES 2
srajeswaran
Staff
Staff

It is very easy to deploy. It can work without even loading the certificate, but you will always get a certificate warning.

You may follow https://kb.fortinet.com/kb/documentLink.do?externalID=FD46282 for the exact procedure.

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
Markus
Valued Contributor

On Mobile/iPad/Playstation, you will always have certificate warnings, because you can't import (well, it depends, maybe you can import the CA certificate, but this will warn to). Another "problem" are apps, that use their own integrated encryption, like whatsapp, skype, they will not working with deep inspection, as long as you do not exempt them. URIs with certificate pinning also don't work. As srajeswaran_FTNT mentioned bevor, the deployment is easy, but it will break some things.


________________________________________________________
--- NSE 4 ---
________________________________________________________

________________________________________________________--- NSE 4 ---________________________________________________________
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors