FortiGate SSL Inspection
SSL Deep Inspection prevents unwanted malicious software or proprietary data from exiting a network.
Relevance
Last Review: January 14, 2022
Product(s): Delta Methodology
Author(s): Cameron Smith
Delta
A cyberist created this article using the patented Delta Method by modernizing a typical approach.
Summary
Most outbound network traffic today is encrypted on port 443. SSL Deep Inspection prevents unwanted malicious software or proprietary data from exiting a network. Without SSL inspection, data exfiltration and user activity are largely unknown.
Requirements
- No reboot required
- Administrator access to the FortiGate firewall
- FortiGate SSL certificate must be installed on each workstation
- 15 to 30 minutes for implementation
Steps
- Log in to the FortiGate firewall with an administrator account
- On the Policy & Objects tab, create a new IPv4 policy with the following settings:
  - Incoming Interface: Internal
  - Outgoing Interface: wan1
  - Source: Desired network devices
  - Destination: All
  - Schedule: Always
  - Service: HTTP, HTTPS
  - Security Profiles: Antivirus and SSL Deep Inspection enabled
- Click OK to save the policy
- Drag the policy so that it sits directly underneath the default outbound policy.
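The same policy expressed in the FortiOS CLI, as an added example that is not part of the original article. It assumes the factory-default `deep-inspection` SSL/SSH profile and `default` antivirus profile, an accept action, and a hypothetical address object `Inspected_Devices` standing in for "Desired network devices"; the policy name is also a placeholder.

```fortios
# Added example: CLI form of the GUI policy described in the steps above.
# "Inspected_Devices" and the policy name are hypothetical placeholders.
config firewall policy
    # edit 0 lets the FortiGate assign the next free policy ID
    edit 0
        set name "Outbound-Deep-Inspection"
        set srcintf "internal"
        set dstintf "wan1"
        set srcaddr "Inspected_Devices"
        set dstaddr "all"
        # Assumption: the policy allows the traffic so it can be inspected
        set action accept
        set schedule "always"
        set service "HTTP" "HTTPS"
        # Security profiles: antivirus plus full SSL deep inspection
        set utm-status enable
        set av-profile "default"
        set ssl-ssh-profile "deep-inspection"
    next
end
```

Policy order can then be adjusted with `move <policy-id> after <policy-id>` inside `config firewall policy`, using the IDs that `show firewall policy` reports on your unit.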
Follow-up
Run a ShieldsUP or similar EICAR test.