What does SSL certificate inspection allow FortiGate to evaluate?

SSL certificate inspection primarily allows FortiGate to evaluate the Fully Qualified Domain Name (FQDN) and the site rating. When SSL inspection is enabled, FortiGate can decrypt and inspect SSL traffic, which provides visibility into the certificates being presented by various websites. By analyzing the FQDN, the firewall can assess whether the site is trusted or potentially harmful based on known threat intelligence or reputation scores.

Additionally, the site rating can provide critical information about whether the website is categorized as safe, risky, or malicious. This capability enhances the security posture of the network by enabling administrators to make informed decisions based on real-time insights into the nature of the SSL traffic, which is essential for identifying threats and enforcing security policies effectively. This feature is increasingly vital as more web traffic is encrypted, making it challenging to secure networks without inspecting SSL/TLS traffic.