Refer to the exhibits. The exhibits show a network topology, a firewall policy, and an SSL/SSH inspection profile configuration.
Why is FortiGate unable to detect HTTPS attacks on firewall policy ID 3 targeting the Linux server?
A.
The administrator must set the policy to inspection mode to analyze the HTTPS packets as expected.
B.
The administrator must enable HTTPS in the protocol port mapping of the deep- inspection SSL/SSH inspection profile.
C.
The administrator must enable SSL inspection of the SSL server and upload the certificate of the Linux server website to the SSL/SSH inspection profile.
D.
The administrator must enable cipher suites in the SSL/SSH inspection profile to decrypt the message.
The FortiGateSSL/SSH inspection profileis configured forFull SSL Inspection, which is necessary to analyze encrypted HTTPS traffic. However, the firewallpolicy is protecting an SSL server (the Linux server hosting the website), and currently, the SSL/SSH profileonly applies to client-side SSL inspection.
To detect HTTPS-based attacks targeting the Linux server:
●FortiGate must act as an SSL intermediaryto inspect encrypted traffic destined for the web server.
● The administratormust upload the SSL certificate of the Linux web serverto FortiGate so that theserver-side SSL inspectioncan decrypt incoming HTTPS traffic before analyzing it.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit