FortiOS 5.6 Online Help Link FortiOS 5.4 Online Help Link FortiOS 5.2 Online Help Link FortiOS 5.0 Online Help Link

Home > Online Help

> Chapter 25 - Security Profiles > Inspection Modes > Comparison of inspection types

Comparison of inspection types

The tables in this section show how different security features map to different inspection types and present the strengths and weaknesses of proxy- vs. flow-based inspection.

Security profile features mapped to inspection mode

The table below lists FortiOS security profile features and shows whether they are available in flow-based or proxy-based inspection modes.

Security Profile Feature Flow-based inspection Proxy-based inspection
AntiVirus x


Web Filter x x
DNS Filter x x
Application Control x x
Cloud Access Security Inspection x x
Intrusion Protection x x
Anti-Spam   x
Data Leak Protection x x
VoIP   x
ICAP   x
Web Application Firewall   x
FortiClient Profiles x x
Proxy Options   x
SSL/SSH Inspection x x
Web Rating Overrides x x
Web Profile Overrides   x

Inspection modes comparison

Each inspection mode has its own strengths and weaknesses.

Feature Flow Proxy
Inspection unit per session selected packets, single pass architecture, simultaneous application of configured inspection methods complete content, configured inspection methods applied in order
Memory, CPU required medium high
Level of threat protection better best
AntiVirus protection yes yes
Web Filtering yes yes
Data Leak Protection (DLP) yes yes
Application control yes  
IPS yes  
Delay in traffic no small
Reconstruct entire content no yes