dfollis wrote:

When I review the SSL Inspection settings, TLS is not one of the protocols shown as being scanned.  Since TLS is essentially SSL v4.x, I would think that Fortigate SSL scanning would support decrypting such streams.  But we are seeing a situation where the TLS encoded traffic from our hosted spam filtering provider is not being decrypted as it passes the Fortigate to our Exchange Hub Transport.  This has allowed a few malicious files to pass.  Is there any solution to this?  We are running 5.2.3 on a 500D.  We are using deep inspection with all protocols enabled.

SSL is just a general term which covers TLS as well. Just like the library OpenSSL which does support TLS. FortiGate's SSL deep inspection does cover TLS.