Fortinet black logo

Administration Guide

Home FortiProxy 7.2.9 Administration Guide

Getting started

7.2.9
7.4.3
7.4.2
7.4.1
7.4.0
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0
Copy Link
Copy Doc ID a344021c-c7b6-11ee-8c42-fa163e15d75b:93302
Download PDF

Getting started

FortiProxy provides a secure web gateway that protects against web attacks using URL filtering, visibility and control of encrypted web traffic through SSL and SSH inspection, and the application of granular web application policies. Flexible deployment modes cover inline, explicit, and transparent deployments.

  • Application Control allows you to identify and control applications on networks and endpoints regardless of the port, protocol, and IP address used. It gives you unmatched visibility and control over application traffic, even traffic from unknown applications and sources.

  • SSL and SSH inspection allows you to determine which inspection method will be applied to SSH and SSL traffic; identify how to treat invalid, unsupported or untrusted SSL certificates; and configure which web sites or web site categories are exempt from SSL inspection.

  • Web filtering provides web URL filtering to block access to harmful, inappropriate, and dangerous web sites that can contain phishing/pharming attacks, malware such as spyware, or objectionable content that can expose your organization to legal liability. Based on automatic research tools and targeted research analysis, real-time updates enable you to apply highly-granular policies that filter web access based on 78 web content categories, over 45 million rated web sites, and more than two billion web pages—all continuously updated.

  • The FortiProxy data loss prevention (DLP) system allows you to prevent sensitive data from leaving your network. When you define sensitive data patterns, data matching these patterns will be blocked or logged and allowed when passing through the FortiProxy unit. You configure the DLP system by creating individual filters based on file type, file size, a regular expression, an advanced rule, or a compound rule, in a DLP sensor and assign the sensor to a security policy. Although the primary use of the DLP feature is to stop sensitive data from leaving your network, it can also be used to prevent unwanted data from entering your network and to archive some or all of the content passing through the FortiProxy unit.

The FortiProxy unit also provides WAN optimization, web caching, and WCCP. FortiProxy WAN optimization and web caching improve performance and security of traffic passing between locations on your wide area network (WAN) or from the Internet to your web servers. You can use the FortiProxy unit as an explicit FTP and web proxy server. In addition, you can add web caching to any HTTP sessions including WAN optimization, explicit web proxy, and other HTTP sessions.

Use the following resources to get started with FortiProxy:

Task

Documentation links

Follow the steps to set up a new FortiProxy

See Summary of steps.

If you are migrating a configuration from another vendor to FortiProxy, see the Migration section of the Best Practices guide.

Learn about best practices for FortiProxy

Review Basic configuration in the Best Practices guide.

Learn about new FortiProxy features

See FortiProxy Release Notes > What's new section.

Review information about FortiProxy releases, including resolved and known issues

See FortiProxy Release Notes.
Note

For the latest information about FortiProxy 7.2, see the latest patch version of the Administration Guide.
Previous
Next

Getting started

FortiProxy provides a secure web gateway that protects against web attacks using URL filtering, visibility and control of encrypted web traffic through SSL and SSH inspection, and the application of granular web application policies. Flexible deployment modes cover inline, explicit, and transparent deployments.

  • Application Control allows you to identify and control applications on networks and endpoints regardless of the port, protocol, and IP address used. It gives you unmatched visibility and control over application traffic, even traffic from unknown applications and sources.

  • SSL and SSH inspection allows you to determine which inspection method will be applied to SSH and SSL traffic; identify how to treat invalid, unsupported or untrusted SSL certificates; and configure which web sites or web site categories are exempt from SSL inspection.

  • Web filtering provides web URL filtering to block access to harmful, inappropriate, and dangerous web sites that can contain phishing/pharming attacks, malware such as spyware, or objectionable content that can expose your organization to legal liability. Based on automatic research tools and targeted research analysis, real-time updates enable you to apply highly-granular policies that filter web access based on 78 web content categories, over 45 million rated web sites, and more than two billion web pages—all continuously updated.

  • The FortiProxy data loss prevention (DLP) system allows you to prevent sensitive data from leaving your network. When you define sensitive data patterns, data matching these patterns will be blocked or logged and allowed when passing through the FortiProxy unit. You configure the DLP system by creating individual filters based on file type, file size, a regular expression, an advanced rule, or a compound rule, in a DLP sensor and assign the sensor to a security policy. Although the primary use of the DLP feature is to stop sensitive data from leaving your network, it can also be used to prevent unwanted data from entering your network and to archive some or all of the content passing through the FortiProxy unit.

The FortiProxy unit also provides WAN optimization, web caching, and WCCP. FortiProxy WAN optimization and web caching improve performance and security of traffic passing between locations on your wide area network (WAN) or from the Internet to your web servers. You can use the FortiProxy unit as an explicit FTP and web proxy server. In addition, you can add web caching to any HTTP sessions including WAN optimization, explicit web proxy, and other HTTP sessions.

Use the following resources to get started with FortiProxy:

Task

Documentation links

Follow the steps to set up a new FortiProxy

See Summary of steps.

If you are migrating a configuration from another vendor to FortiProxy, see the Migration section of the Best Practices guide.

Learn about best practices for FortiProxy

Review Basic configuration in the Best Practices guide.

Learn about new FortiProxy features

See FortiProxy Release Notes > What's new section.

Review information about FortiProxy releases, including resolved and known issues

See FortiProxy Release Notes.
Note

For the latest information about FortiProxy 7.2, see the latest patch version of the Administration Guide.
Previous
Next