FortiGate Firewall: Deep Packet Inspection / SSL/TLS MITM Explored

In this video, I explain why Deep Packet Inspection and SSL Man in the Middle are so important to protecting your environment. Recent studies have indicated that up to 90%+ of traffic is now encrypted.

FortiGate firewalls have two different inspection capabilities. The first is certificate inspection, which looks at information that is available BEFORE encryption, such as the SNI header; once the session is encrypted by TLS, it can no longer see what is going on. This is where Deep Packet Inspection comes in: because it sits in the middle of the session, it is able to decrypt the TLS session and inspect the traffic before re-encrypting it and sending it onwards.

I talk through the TCP 3-way handshake and when TLS gets involved before showing how to implement deep packet inspection on a FortiGate 80F firewall.

* SSL is now known as TLS

// Chris SOCIAL //

// Time Stamps //

0:00 - Introduction & Please Subscribe!
0:33 - Importance of Deep Packet Inspection
2:46 - The need to install a Certificate on the client, why this is tough for large deployments!
3:55 - Demonstration using Chrome and capturing the packets in Wireshark
5:20 - What does this look like using Wireshark?
6:33 - Certificate-based inspection: what information is it using? Including SNI Header!
7:40 - Traffic is now encrypted
8:07 - How to configure inspection FortiGate Firewall (Security Policy)
10:02 - How to configure inspection FortiGate Firewall (Firewall Policy)
11:29 - Disclaimer and video wrap up!
13:10 - If you can enable it! Here is why!

// Keywords //

Fortinet
Fortigate
TCP
TLS
Deep Packet Inspection
SSL Man In The Middle (MITM)
Fortinet Fabric
Fortinet how to
Fortinet guide
Fortinet network security
Cybersecurity

// HashTags //

#cybersecurity
#networking
#fortinet
Comments

Great video and explanation of this topic. I'm just getting started with Fortigate and looking forward to more of your videos. Thank You

kroy

Love the new mic! Deep packet inspection disclaimer is a plus. I’ve bashed my head multiple times trying to troubleshoot applications until I’ve added all urls as exclusions.

Maydaymayday

indeed, a knowledgeable session, loved it!!

rajpandey

Liked and subscribed. Thanks for the uploads.

GoodGameOKC

Loving this series, invaluable training being offered here, especially the wrap up section. Things can, will and do go wrong in the wild and that's where you learn the most.. Also it's where you want to throw the whole thing out the window xD

sydetraq

I don't know what you did, but the audio is way better. I still hear some echo-ing but much less, nice! I hope you could do a part 2 in the future where you actually show how to troubleshoot those urls that you need to exempt/make another policy for because I think if people know how to quickly troubleshoot, it would make it easier to implement. Great video, love the breakdown of the SYN/TLS handshake.

snaky-t

Hey buddy! May I ask, using SSO with deep packet inspection configured, can I still exclude certain category of websites like finance without any problem?

Klarkooi