Comparison of inspection types
The tables in this section show how different security functions map to different inspection types.
Mapping security functions to inspection types
The table below lists FortiOS security functions and shows whether they are applied during stateful inspection, flow-based inspection or proxy-based inspection.
FortiOS security functions and inspection types
|Security Function||Stateful Inspection||Flow-based inspection||Proxy-based inspection|
More informaion about inspection methods
The three inspection methods each have their own strengths and weaknesses. The following table looks at all three methods side-by-side.
Inspection methods comparison
|Inspection unit per session||first packet||selected packets||complete content|
|Memory, CPU required||low||medium||high|
|Level of threat protection||good||better||best|
|IPsec and SSL VPN||yes|
|Data Leak Protection (DLP)||yes||yes|
|Delay in traffic||minor||no||small|
|Reconstruct entire content||no||yes|