Fortigate Explicit Proxy
I've a doubt about the Explicit Proxy feature, I hope someone can help me with this.
I've configured 2 FGT in HA and then installed the FSSO in Agent (standard mode) on both the Domain Controllers in the infrastructure.
Then, I configured the FSSO Agent via GUI in the Security Fabric Menu adding both the two Domain Controllers, synched the AD Groups and then configured the IPv4 Policy adding the FSSO AD group permitted and enabling the Web Filtering option so I can block unpermitted web sites category.
In this way all the not authenticated users (non AD users) are redirected to the Fortigate portal where the can type the temporary credentials.
So, my questions are:
- do I need to enable the explicit proxy?
- which are the advantages I can get by enabling it?
- I do not need to chenge the user's browser setting in the way I did and I think I can manage everything but...If the explicit proxy exists there will be a reason. Please, can you help to understand it? I'm reading the Fortigate KB but I can't catch the sense.
Thanks in advance