首页 > 代码库 > FGT Inspection Modes
FGT Inspection Modes
Inspection Modes
This topic briefly discusses proxy and flow-based inspection modes. For more information on flow vs. proxy inspection modes on your FortiGate and how they impact web filtering, see Individual Security Profile considerations in the Inspection Modes section.
Proxy
需要缓存并受到完整的包
Proxy-based inspection involves buffering traffic and examining it as a whole before determining an action. The process of having the whole of the data to analyze allows for the examination of more points of data than the flow-based or DNS methods.
The advantage of a proxy-based method is that the inspection can be more thorough than the other methods, yielding fewer false positive or negative results in the data analysis.
优点:检查更彻底
Flow-based
不需要缓存,不需要接受到完整的包
The flow-based inspection method examines the file as it passes through the FortiGate unit without any buffering.
As each packet of the traffic arrives it is processed and forwarded without waiting for the complete file or web page.
The advantage of the flow-based method is that the user sees a faster response time for HTTP requests and there is less chance of a time-out error due to the server at the other end responding slowly.
优点:HTTP相应更快
The disadvantages of this method are:
(1) there is a higher probability of a false positive or negative in the analysis of the data; and,
(2) a number of security features that can be used in the proxy-based method are not available in the flow-based inspection method.
缺点: 很多安全的特性都不能够使用了
http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-security-profiles-54/Web_Filter/Web%20Filter%20Inspection%20Modes.htm
FGT Inspection Modes
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。