SSL content scanning and inspection

Chapter 15 Unified Threat Management for FortiOS 5.0 : Other Security Profiles considerations : SSL content scanning and inspection

If your FortiGate model supports SSL content scanning and inspection, you can apply antivirus scanning, web filtering, FortiGuard Web Filtering, and email filtering to encrypted traffic. You can also apply DLP and DLP archiving to HTTPS, IMAPS, POP3S, and SMTPS traffic. To perform SSL content scanning and inspection, the FortiGate unit does the following:

• intercepts and decrypts HTTPS, IMAPS, POP3S, SMTPS, and FTPS sessions between clients and servers (FortiGate SSL acceleration speeds up decryption)

• applies content inspection to decrypted content, including:

• HTTPS, IMAPS, POP3S, and SMTPS Antivirus, DLP, and DLP archiving

• HTTPS web filtering and FortiGuard web filtering

• IMAPS, POP3S, and SMTPS email filtering

• encrypts the sessions and forwards them to their destinations.

Figure 312: FortiGate SSL content scanning and inspection packet flow