FortiOS supports flow-based and proxy-based inspection in firewall policies. You can select the inspection mode when configuring a policy.
Flow-based inspection takes a snapshot of content packets and uses pattern matching to identify security threats in the content.
Proxy-based inspection reconstructs content that passes through the FortiGate and inspects the content for security threats.
Each inspection mode plays a role in processing traffic en route to its destination. While both modes offer significant security, proxy-based provides more feature configuration options, while flow-based is designed to optimize performance.
This following topics provide information about inspection modes for various security profile features: