Hello Community, I am struggling to find any information on my problem.
Are Fortigate Firewalls in any OS able to evaluate the Subject
Alternative Name (SAN) information in a certificate? To give a specific
example: We want to monitor access to https...
Hello, I was wondering if perhaps someone has a good solution to my
question, since we did not find a smooth way to do it.As the Fortigate
firewalls have a viable IPS signature database we are using the feature
for several purposes with different pro...
Hello everyone, I was wondering if someone has a hint for me regarding
logging on the FortiAnalyzer. We are using it to aggregate Logs from
different central Firewalls which are using different UTM Features.We
now want to seperate the settings for di...
Well, got an official answer: "Unfortunately the behavior of webfilter
is maintained throughout all the FortiOS versions, which means that the
webfilter, when using certificate inspection, will look at the CN of the
certificate presented by the webpa...
SNI and SAN are not the same. SNI has no impact on the certificate
itself, whilst with SAN the CN may not be distinct.@BrianB: Did you find
an answer to your question? I am currently struggling to find a way to
monitor SAN websites over https. Cloudf...
Hello Tom, that is true and we already thought of that. But it will not
help if you want to use the information for statistical information.
Besides, the amount of data stored would be too high if you are just
interested in the URLs. Greetings,Daniel
And we have the solution why there are no distinct vlog and alog files
in our case. Official Fortinet support: Please be informed that starting
from firmware version 5.0.7 there are no log browse files like wlog,
alog, vlog, dlog. All security logs a...