Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Handbook

    Home FortiADC 7.4.4 Handbook
    7.4.4
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.1
    6.0.0
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.1
    5.3.0
    5.2.7

    Application Resources

    Application Resources

    The Application Resources module contains configuration objects that define the Virtual Server settings for application delivery control, such as the protocol settings, session persistence, and load-balancing methods to use to distribute traffic.

    The Server Load Balance > Application Resources sub-menu contains the following configurations:

    • Application Profile — The Application Profile configuration object plays a crucial role by defining how the FortiADC virtual server should handle traffic for specific protocols. Each Application Profile type is based on specific protocols that can only operate at certain OSI layers, which dictates the virtual server type, load-balance method, and persistence methods that can be used.
      For details, see Configuring Application profiles.
    • Client SSL — The Client SSL profile is used to manage the SSL session between the client and the proxy, which allows the FortiADC to accept and terminate client requests sent via the SSL protocol. For details, see Configuring Client SSL profiles.
    • HTTP2 Profile — For HTTP/S Application Profiles, you can enable it to support HTTP/2 by specifying an HTTP2 Profile. The HTTP/2 protocol uses binary encoding rather than text encoding, making it more efficient, and allowing it to support functionality such as server push, multiplexing of requests, and header compression.
      For details, see Configuring HTTP2 profiles.
    • HTTP3 Profile — For HTTP/S Application Profiles, you can enable it to support HTTP/3 by specifying an HTTP3 Profile. HTTP/3 is the latest version of the HTTP protocol and unlike previous versions which relied on TCP to handle streams in the HTTP layer, HTTP/3 uses QUIC (Quick UDP Internet Connections), a multiplexed transport protocol built on UDP. The HTTP/3 protocol has a lower latency as a result of using QUIC, allowing it to have a quicker handshake for establishing a secure session compared to HTTP/2 which achieves this using TCP and TLS.
      For details, see Configuring HTTP3 profiles.
    • LB Method — The LB Method configuration object defines the load-balancing algorithm, types, or techniques to use for distributing traffic, which include commonly used methods such as Round-robin, IP hash, and Least connection.
      For details, see Configuring load-balancing (LB) methods.
    • Persistence — The Persistence configuration object allows you to define persistence rules to identify traffic that should not be load-balanced, but instead be forwarded to the same backend server based on specific session attributes. The persistence rule is then evaluated before load-balancing rules, so that when packets received by FortiADC matches an entry in the persistence session, the packets are then forwarded to the server that established the connection and load-balancing rules will not be applicable.
      For details, see Configuring persistence rules.
    • Error Page — Applicable to HTTP/S load-balancing, the Error Page configuration allows you to customize an HTML error page to respond to clients attempting HTTP/S connections when backend real servers are unavailable. For details, see Configuring error pages.
    • Decompression — Applicable to HTTP/S load-balancing, Decompression rules allow FortiADC to decompress the HTTP response traffic that was previously compressed to allow modules to perform inspection or modification before passing to the backend server.
      For details, see Configuring decompression rules.
    • CaptchaFortiADC allows administrators to validate incoming users with CAPTCHAs to determine whether a client is a regular user or an attacker. The Captcha configuration allows you to customize a CAPTCHA page to use your own verifications in the event a WAF or DoS attack is triggered.
      For details, see Configuring Captcha.
    Previous
    Next

    Application Resources

    Application Resources

    The Application Resources module contains configuration objects that define the Virtual Server settings for application delivery control, such as the protocol settings, session persistence, and load-balancing methods to use to distribute traffic.

    The Server Load Balance > Application Resources sub-menu contains the following configurations:

    • Application Profile — The Application Profile configuration object plays a crucial role by defining how the FortiADC virtual server should handle traffic for specific protocols. Each Application Profile type is based on specific protocols that can only operate at certain OSI layers, which dictates the virtual server type, load-balance method, and persistence methods that can be used.
      For details, see Configuring Application profiles.
    • Client SSL — The Client SSL profile is used to manage the SSL session between the client and the proxy, which allows the FortiADC to accept and terminate client requests sent via the SSL protocol. For details, see Configuring Client SSL profiles.
    • HTTP2 Profile — For HTTP/S Application Profiles, you can enable it to support HTTP/2 by specifying an HTTP2 Profile. The HTTP/2 protocol uses binary encoding rather than text encoding, making it more efficient, and allowing it to support functionality such as server push, multiplexing of requests, and header compression.
      For details, see Configuring HTTP2 profiles.
    • HTTP3 Profile — For HTTP/S Application Profiles, you can enable it to support HTTP/3 by specifying an HTTP3 Profile. HTTP/3 is the latest version of the HTTP protocol and unlike previous versions which relied on TCP to handle streams in the HTTP layer, HTTP/3 uses QUIC (Quick UDP Internet Connections), a multiplexed transport protocol built on UDP. The HTTP/3 protocol has a lower latency as a result of using QUIC, allowing it to have a quicker handshake for establishing a secure session compared to HTTP/2 which achieves this using TCP and TLS.
      For details, see Configuring HTTP3 profiles.
    • LB Method — The LB Method configuration object defines the load-balancing algorithm, types, or techniques to use for distributing traffic, which include commonly used methods such as Round-robin, IP hash, and Least connection.
      For details, see Configuring load-balancing (LB) methods.
    • Persistence — The Persistence configuration object allows you to define persistence rules to identify traffic that should not be load-balanced, but instead be forwarded to the same backend server based on specific session attributes. The persistence rule is then evaluated before load-balancing rules, so that when packets received by FortiADC matches an entry in the persistence session, the packets are then forwarded to the server that established the connection and load-balancing rules will not be applicable.
      For details, see Configuring persistence rules.
    • Error Page — Applicable to HTTP/S load-balancing, the Error Page configuration allows you to customize an HTML error page to respond to clients attempting HTTP/S connections when backend real servers are unavailable. For details, see Configuring error pages.
    • Decompression — Applicable to HTTP/S load-balancing, Decompression rules allow FortiADC to decompress the HTTP response traffic that was previously compressed to allow modules to perform inspection or modification before passing to the backend server.
      For details, see Configuring decompression rules.
    • CaptchaFortiADC allows administrators to validate incoming users with CAPTCHAs to determine whether a client is a regular user or an attacker. The Captcha configuration allows you to customize a CAPTCHA page to use your own verifications in the event a WAF or DoS attack is triggered.
      For details, see Configuring Captcha.
    Previous
    Next