Is the FGT60D V 5.2.5 capable to scan antivirus in https? I don't see any hints in the Antivirus Profile which point this out. When i take Proxy mode i see only the standard protocols but no https for example. In other words how can I see if FGT 60D can ssl-deep scan?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I think you are mixing up SSL Certificate Inspection and Full SSL Inspection.
SSL Certificate inspecition only looks at the Common Name of the certificate and uses this value to lookup the website category.
Full SSL inspection is acting as a man-in-the-middle proxy and analyzes the datastream.
Enable both a full ssl inspection profile and the antivirus profile on the outgoing policy and you should be able to catch the eicar https test file.
Yes you certainly can.
This cookbook video quickly goes through howto enable this: https://www.youtube.com/watch?v=LemxyQ2Efg0
Hi Neobit,
thanks for the link but thats not exactly what I mean.
SSL-Inspection exists und is preselected with the default certificate from Fortinet.
But have a look at the attached picture.
I am missing the secured protocols like https.
The fact is when I download the Eicar Testfile with https nothing happens.
So i am not sure if the FGT60D be able to can scan https traffic?
May be i am mixed up ssl-deep scan with antivirus https scan.
I think you are mixing up SSL Certificate Inspection and Full SSL Inspection.
SSL Certificate inspecition only looks at the Common Name of the certificate and uses this value to lookup the website category.
Full SSL inspection is acting as a man-in-the-middle proxy and analyzes the datastream.
Enable both a full ssl inspection profile and the antivirus profile on the outgoing policy and you should be able to catch the eicar https test file.
Hi localhost, thanks for the helpful hint. You are absolutely right. If I select deep Inspection antivirus scans also the file inside https. In this case it is neccessary to import the proxy certificate otherwise the browser will not accept any ssl connections. Many thanks and merry christmas.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.