Veechee,
I wanted to do basic web caching. I have a large user count (250) behind a small internet connection (T1). I desperately needed a solution for all my windows update issue and I absolutely hate WSUS. I know that WAN Opt is a new feature for Fortinet. I' ve been a long time Fortinet user and understand all of their development / QA issues. This is a brief write up to help show others my result and generate some positive news to the Fortinet forums. I am running 4.2.2 on a 111C. I used the Web Caching document Fortinet provides on their docs site. My cache settings are default firmware load.
http://docs.fortinet.com/fgt/handbook/fortigate_wanopt_cache_proxy-40-mr2.pdf
Just like their guide says. I have a firewall policy allowing traffic to the internet. I then created a WAN Opt & Cache rule. I selected Web Cache Only, entered my internal subnet 10.1.1.* as the source (read the guide' s IP format as it doesn' t follow standard Fortinet allowance of CIDR notation), destination 0.0.0.0, port 80, and that' s it! One of the simplest " advanced" tasks I' ve deployed with my FG unit.
I have attached a simple screen shot of the gains the past hour. This is a handful of computers downloading updates. This was taken while new updates were still being downloaded. I am continuing to see the reduction rate decrease. Again, this is a very basic configuration with computers downloading Windows Updates, not multiple users randomly browsing. The gains from updates alone are worth it for us! This will definitely help encourage more web caching deployments.
With regard to the HTTPS traffic, I would assume this is referencing the same certificate setup used for Deep Inspection (SSL Interception) which would make it more than accomplishable.
I hope this helps others out!
Thanks,