Administration Guide

UTM scanning on TCP forwarding access proxy traffic

UTM scanning and deep inspection are supported for multiple protocols in a ZTNA TCP forwarding access proxy. In addition to HTTP and HTTPS, the mail protocols (SMTP, IMAP, and POP3) and file sharing protocols (SMB and CIFS) are supported.

Examples

AV scanning for normal POP3, IMAP, and SMTP traffic

To configure AV scanning for normal POP3, IMAP, and SMTP traffic:
  1. In FortiClient, add ZTNA connection rules for the email server IP and POP3, IMAP, and SMTP ports.

  2. On the FortiProxy, configure the ZTNA TCP forwarding server to add the email server address and enable AV profile scanning in the ZTNA rules.

  3. On the client PC, open the Outlook app and send emails with attachments that contain virus-infected files.

  4. The ZTNA rule on the FortiProxy blocks the email send/receive traffic and generates AV logs.

AV deep scanning for SSL-encrypted POP3S, IMAPS, and SMTPS traffic

To configure AV deep scanning for SSL-encrypted POP3S, IMAPS, and SMTPS traffic:
  1. In FortiClient, add ZTNA connection rules for the email server IP and POP3S, IMAPS, and SMTPS ports.

  2. On the FortiProxy, configure the ZTNA TCP forwarding server to add the email server address and enable AV profile scanning in the ZTNA rules.

  3. On the client PC, open the Outlook app and send emails with attachments that contain virus-infected files.

  4. The ZTNA rule on the FortiProxy blocks the email send/receive traffic and generates AV logs.

AV scanning for SMB service traffic

To configure AV scanning for SMB service traffic:
  1. In FortiClient, add ZTNA connection rules for the SMB file sharing server IP and ports.

  2. On the FortiProxy, configure the ZTNA TCP forwarding server to add the SMB server address and enable AV profile scanning in the ZTNA rules.

  3. On the client PC, upload and download virus-infected files to and from the SMB server.

  4. The ZTNA rule on the FortiProxy blocks the file upload/download traffic and generates AV logs.

File filter scanning for CIFS service traffic

To configure file filter scanning for CIFS service traffic:
  1. In FortiClient, add ZTNA connection rules for the CIFS server IP and port.
  2. On the FortiProxy, configure the ZTNA TCP forwarding server to add the CIFS server address and enable file filter profile scanning in the ZTNA rules.
  3. On the client PC, upload and download predefined file types (such as .EXE) to and from the CIFS server.
  4. The ZTNA rule on the FortiProxy blocks the file upload/download traffic and generates AV logs.
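
Step 4 of each example above can be checked from an exported log file rather than by eye. The following script is an added example, not part of the Fortinet guide: it reports which tested protocols produced no blocked event and which were detected without being blocked. The key=value log layout, the field names (type, subtype, action, service, filename), and the sample lines are assumptions constructed for illustration.

```python
import shlex

# Protocols the page lists for the TCP forwarding access proxy (besides HTTP/HTTPS).
EXPECTED = {"SMTP", "IMAP", "POP3", "SMTPS", "IMAPS", "POP3S", "SMB", "CIFS"}

# Constructed sample export; the key=value field names are assumed, not from the page.
SAMPLE_LOGS = """\
date=2024-01-10 time=10:01:02 type="utm" subtype="virus" action="blocked" service="SMTP" filename="sample.bin"
date=2024-01-10 time=10:02:10 type="utm" subtype="virus" action="blocked" service="IMAP" filename="sample.bin"
date=2024-01-10 time=10:03:44 type="utm" subtype="virus" action="blocked" service="POP3" filename="sample.bin"
date=2024-01-10 time=10:05:01 type="utm" subtype="virus" action="blocked" service="SMTPS" filename="sample.bin"
date=2024-01-10 time=10:06:30 type="utm" subtype="virus" action="monitored" service="IMAPS" filename="sample.bin"
date=2024-01-10 time=10:07:12 type="utm" subtype="virus" action="blocked" service="POP3S" filename="sample.bin"
date=2024-01-10 time=10:09:55 type="utm" subtype="virus" action="blocked" service="SMB" filename="test file.zip"
date=2024-01-10 time=10:10:03 type="traffic" subtype="forward" action="accept" service="SMB"
"""


def parse_line(line):
    """Parse one key=value line; shlex keeps quoted values with spaces in one token."""
    try:
        tokens = shlex.split(line)
    except ValueError:  # unbalanced quote: treat the line as unparseable
        return {}
    return dict(t.split("=", 1) for t in tokens if "=" in t)


def utm_events(log_text, subtypes=("virus",)):
    """Yield (service, action) for each UTM event of the given subtypes."""
    for line in log_text.splitlines():
        f = parse_line(line)
        if f.get("type") == "utm" and f.get("subtype") in subtypes:
            yield f.get("service", "").upper(), f.get("action", "")


def coverage_gaps(log_text, expected=EXPECTED):
    """Protocols from the test plan that produced no blocked event."""
    blocked = {svc for svc, action in utm_events(log_text) if action == "blocked"}
    return sorted(set(expected) - blocked)


def detected_not_blocked(log_text):
    """Events where the profile detected the file but did not block it."""
    return sorted({(s, a) for s, a in utm_events(log_text) if a != "blocked"})


if __name__ == "__main__":
    print("no blocked event for:", coverage_gaps(SAMPLE_LOGS))
    print("detected but not blocked:", detected_not_blocked(SAMPLE_LOGS))
```

A protocol listed as a gap means the test for it either was not run or passed through the proxy without a block, so the ZTNA rule and profile for that port should be rechecked.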
