Hello,
For Internal users which are already joined to Domain we can create policies with SSL Inspection and DPI. How about BYOD Users ?
How can we apply DPI SSL Inspection for BYOD users ?
You need to install the cert manually for them.
Mike Pruett
Hello,
Mike is correct that you would need to install the certificate manually for them if you are using a self-signed SSL Certificate (like the default FortiGate's one).
If you would like to do deep-inspection without installing a certificate manually, you need to get a properly signed SSL Certificate by an authorized Certificate Authority (CA). This will allow the BYOD devices to build a proper chain of trust to the Root CA. Once you get a properly signed SSL Certificate, import the private key and the Certificate to the FortiGate. You would not need to manually install the certificate in any BYOD devices this way.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.