Hi all,
When looking at antivirus profile, i can see that only non "secure" traffic are listed,
LOFC-FG01 (AV-scan) # config http HTTP. ftp FTP. imap IMAP. pop3 POP3. smtp SMTP. nntp NNTP. smb SMB. nac-quar Quarantine settings.
For traffic such as sftp, ssh ,https passing through my firewall etc, does it even make sense to turn on antivirus ?
q1) Is AV able to look at "encrypted" traffic ? or do we need to turn on "SSL deep inspection" in order for AV to look scan encrypted traffic ?
q2) does AV " flow mode" support SSL inspection ?
q3) how does SSL deep inspection works for incoming policy ? (e.g. external/public users accessing internal webserver)
does that i means i have to buy 2 cert ? (1 to be install on the webserver, 1 on the firewall)
Regards,
Noob
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.