Hi, I have enabled deep inspection ssl inspection profile on the
firewall. We want to control all outbound SSL traffic to use only TLS
v1.2 and should drop traffic if any other TLS version is negotiated. I
could find application ID's related to TLS v...
Hi all, We want to implement basic file-blocking from certain URL
categories. The device is operating in profile mode in flow mode. Under
system for feature visibility we are not finding DLP sensor. On the Cli
tried creating a new DLP sensor and "set...
Hi, I know that switching to NGFW mode will put the firewall inspection
in flow mode. Any idea if we can use DLP sensor in flow mode. As it's
not visible in the GUI. I tried enabling the DLP default sensor in Flow
mode but still not visible in the GU...
Hi, After facing web-filtering issues in NGFW mode in 5.6. I have
reverted to profile based mode. Web-filtering is working as expected but
url-category information is missing in the web-filtering logs and even
under websites in Fortiview. To ensure w...
Hi ZeroInterrupt, Yes I have enabled in multiple security profile
function under feature visibility in system settings. However, please
note this functionality of using different SSL inspection profiles is
only available when the device is operating ...
Hi, Thanks for your responses. Roman why would somebody ever enable Deep
SSL Inspection for all the traffic on the firewall and kill it's
performance. We want to enable deep-inspection for different saas
applications for different users. This is real...
Don't use 5.6 at all. its a pathetic release with poor QA job. If you
are in NGFW mode in 5.6 then you are more affected as there can be only
a single SSL inspection profile and that will be applied to all the
firewall rules, so how great is that. Re...
