ORIGINAL: FortiAdam If a policy only allows HTTP and HTTPS why does it matter if my AV profile is set to scan all protocols? Wont only the HTTP and HTTPS traffic pass through the AV proxy in this scenario?Hi FortiAdam, sorry I should have clarified. Good question! For the bit about inbound traffic, if the rule only allows HTTP/HTTPS then it wouldn' t matter if other protocols are checked. The recommendation to scope the profile down comes from two parts.. one is organization, and two is flexibility. You probably want - or will want - in most installations the ability to change outbound profiles vs inbound profiles to suit your needs. You may not want someone to accidentally change something that affects every rule that has AV turned on. Not to say that your model won' t work, the point I was trying to make is that with a few different profiles scoped to your needs you lessen the risk that making changes to outbound UTM (which can be common) may make unintended consequences for inbound UTM (less common). If your needs only dictate one AV profile and you have administrative access to the firwall locked down pretty well, there is no reason why you couldn' t be successful. Hope this helps. Cheers!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.