How does FortiGate determine the site rating when processing SNI?

FortiGate determines the site rating when processing Server Name Indication (SNI) primarily by retrieving the Fully Qualified Domain Name (FQDN) from the client’s SSL handshake. This information is crucial because the SNI allows the client to specify the hostname it is attempting to connect to during the SSL handshake. By accessing the FQDN, FortiGate can assess the associated site rating, which helps in making informed decisions about how to manage or filter that traffic.

Retrieving the FQDN is essential as it not only identifies the specific website being accessed but also allows FortiGate to apply its security policies appropriately based on the reputation and type of site. This site rating influences the actions FortiGate takes, such as whether to allow or block the traffic or enforce certain security protocols.

The other options do not accurately describe the method FortiGate uses to determine the site rating in this context. Analyzing traffic patterns and checking user history can provide insights into user behavior and security risk but do not directly relate to the site rating determination. Performing a DNS lookup could be part of the broader context of understanding a domain’s IP, but it is not the primary method for assessing the site rating based on SNI. Thus, retrieving the