Comparison of inspection types
The tables in this section show how different security features map to different inspection types and present the strengths and weaknesses of proxy- vs. flow-based inspection.
Security profile features mapped to inspection mode
The table below lists FortiOS security profile features and shows whether they are available in flow-based or proxy-based inspection modes.
|The DNS Filter security profile feature is only available for proxy-based inspection in FortiOS versions 5.4.0 and 5.4.1. It is available for both proxy-based and flow-based inspection in FortiOS versions 5.4.2 and above.|
|Security Profile Feature||Flow-based inspection||Proxy-based inspection|
|Cloud Access Security Inspection||x||x|
|Data Leak Protection||x|
|Web Application Firewall||x|
|Web Rating Overrides||x||x|
|Web Profile Overrides||x|