Refer to the exhibits. The exhibits show a network topology, a firewall policy, and an SSL/SSH inspection profile configuration. Why is FortiGate unable to detect HTTPS attacks on firewall policy ID 3 targeting the Linux server?
A.
The administrator must set the policy to inspection mode to analyze the HTTPS packets as expected.
B.
The administrator must enable HTTPS in the protocol port mapping of the deep- inspection SSL/SSH inspection profile.
C.
The administrator must enable SSL inspection of the SSL server and upload the certificate of the Linux server website to the SSL/SSH inspection profile.
D.
The administrator must enable cipher suites in the SSL/SSH inspection profile to decrypt the message.
I think the answer should be B, because inspection mode of the policy is Proxy and port 443 is disabled, so the SSL/SSH profile doesn't scan port 443 (HTTPS)
The behavior of inspecting all ports can be different between flow and proxy mode inspection when the inspection mode is configured in a firewall policy.
In proxy mode inspection, when deep inspection is enabled:
If Inspect all ports is disabled, only the ports specified in the Protocol Port Mapping section will be scanned.
If Inspect all ports is enabled, all ports will be scanned.
In flow mode inspection, when deep-inspection is enabled:
All ports will be scanned, regardless of whether or not Inspect all ports is enabled or disabled.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Yaghu
2 weeks, 6 days agodjekson
3 weeks, 1 day ago