Fortinet Document Library

Version:


Table of Contents

New Features

6.2.0
Download PDF
Copy Link

Flow versus proxy policy improvement  6.2.1

In FortiOS 6.0, inspection mode is per VDOM. In FortiOS 6.2, the inspection mode is per policy. A policy's inspection mode is independent of the UTM profiles that are assigned to it. If UTM is disabled, or profiles are removed, the policy's inspection mode does not change.

The following table shows the post-upgrade to FortiOS 6.2 states for the given FortiOS 6.0 states:

FortiOS 6.0

 

After upgrade to FortiOS 6.2

VDOM Inspection Mode

AV Profile Inspection Mode

AV Scan Mode

Policy UTM Status

 

AV Scan Mode

Policy Mode

Policy UTM Status

Proxy

N/A

N/A

Disable

 

N/A

Flow

Disable

Proxy

Proxy

N/A

Enable

 

Full

Proxy

Enable

Proxy

AV: Flow

WF: Proxy

Full

Enable

 

Full1

Proxy

Enable

Proxy

Flow

Full

Enable

 

Full1

Flow

Enable

Proxy

Flow

Quick

Enable

 

Quick

Flow

Enable

Flow

N/A

N/A

Disable

 

N/A

Flow

Disable

Flow

Flow

Full

Enable

 

Full

Flow

Enable

Flow

Flow

Quick

Enable

 

Quick

Flow

Enable

1. WAD ignores this option.

Flow versus proxy policy improvement  6.2.1

In FortiOS 6.0, inspection mode is per VDOM. In FortiOS 6.2, the inspection mode is per policy. A policy's inspection mode is independent of the UTM profiles that are assigned to it. If UTM is disabled, or profiles are removed, the policy's inspection mode does not change.

The following table shows the post-upgrade to FortiOS 6.2 states for the given FortiOS 6.0 states:

FortiOS 6.0

 

After upgrade to FortiOS 6.2

VDOM Inspection Mode

AV Profile Inspection Mode

AV Scan Mode

Policy UTM Status

 

AV Scan Mode

Policy Mode

Policy UTM Status

Proxy

N/A

N/A

Disable

 

N/A

Flow

Disable

Proxy

Proxy

N/A

Enable

 

Full

Proxy

Enable

Proxy

AV: Flow

WF: Proxy

Full

Enable

 

Full1

Proxy

Enable

Proxy

Flow

Full

Enable

 

Full1

Flow

Enable

Proxy

Flow

Quick

Enable

 

Quick

Flow

Enable

Flow

N/A

N/A

Disable

 

N/A

Flow

Disable

Flow

Flow

Full

Enable

 

Full

Flow

Enable

Flow

Flow

Quick

Enable

 

Quick

Flow

Enable

1. WAD ignores this option.