FortiOS 5.6 Online Help Link FortiOS 5.4 Online Help Link FortiOS 5.2 Online Help Link FortiOS 5.0 Online Help Link
> Chapter 25 - Security Profiles > Inspection Modes > Comparison of inspection types

Home > Online Help

Comparison of inspection types

The tables in this section show how different security features map to different inspection types and present the strengths and weaknesses of proxy- vs. flow-based inspection.

Security profile features mapped to inspection mode

The table below lists FortiOS security profile features and shows whether they are available in flow-based or proxy-based inspection modes.

note icon The DNS Filter security profile feature is only available for proxy-based inspection in FortiOS versions 5.4.0 and 5.4.1. It is available for both proxy-based and flow-based inspection in FortiOS versions 5.4.2 and above.


Security Profile Feature Flow-based inspection Proxy-based inspection
AntiVirus x


Web Filter x x
DNS Filter x x
Application Control x x
Cloud Access Security Inspection x x
Intrusion Protection x x
Anti-Spam   x
Data Leak Protection   x
VoIP   x
ICAP   x
Web Application Firewall   x
FortiClient Profiles x x
Proxy Options   x
SSL/SSH Inspection x x
Web Rating Overrides x x
Web Profile Overrides   x