RE: Port/Protocol listing for AV scan (Proxy/Flow)

DaviWang1 · 01-29-2017

Seems you may have missed one app signature. "Adobe.Flash.Media.Playback".

DaviWang1 · 01-29-2017

Sounds like you have some proxy based UTM profiles enabled which makes FortiGate running in proxy mode to respond TCP connection on behalf of the server. If you only have flow based UTM profiles in the affected firewall policy, or don't enable UTM, t...

DaviWang1 · 10-23-2016

Please either send a request to ips@fortinet.com, or file mantis bug in "IPS Engine & Sigs" to request Psiphon block without SSL deep inspection. IPS analyst team should be able to look into the feasibility.

DaviWang1 · 10-16-2016

Flow mode (done in IPS engine) doesn't rely on port numbers for security inspection. As long as the relevant protocol is enabled, all traffic will be inspected for protocol recognization first. As for HTTPS, it depends on SSL deep inspection settings...

DaviWang1 · 09-25-2016

Perhaps FAZ or FortiManager have the reporting facilities. I am not familiar with these products.

User Statistics

User Activity

RE: Flash player. How do I block flash player? There was no signatures.....

RE: TCP Round Trip Time to remote address shows 1ms when in fact it should be around 75ms

RE: Blocking proxy tunneling apps like Psiphon

RE: Port/Protocol listing for AV scan (Proxy/Flow)

RE: Report Fortigate UTM definitions

RE: Port/Protocol listing for AV scan (Proxy/Flow)

Fortinet Training Institute

KCS