• 8
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

FortiGate SSL Offloading & Intrusion Protection System

We're using a FortiGate 620B (v5.2.9) for offloading SSL traffic to our website. Now we would like to activate the Intrusion Protection System (the IPS).

However in order for the IPS to work, SSL deep inspection needs to be activated, which de-crypts the traffic before handing it over to the IPS.

As soon I activate the SSL deep inspection the CPU load triples, which clearly shows that FortiGate is doing some extra work - and a lot of it (it's probably decrypting,inspecting and ten recrypting the traffic, before passing it to over the SSL offloading).

The question here is should SSL deep inspection be turned on, since our FortiGate already does SSL offloading? Will IPS work without SSL inspection?

Trending Tags