What happens to the SSL/TLS traffic during FortiGate's SSL inspection?

During FortiGate's SSL inspection, the SSL/TLS traffic is decrypted and analyzed. This process involves the FortiGate device acting as a man-in-the-middle during the SSL handshake, allowing it to decrypt the traffic for inspection before re-encrypting it and sending it to the intended recipient. This enables the security appliance to inspect the content of the secure traffic for potential threats, such as malware or data leakage, ensuring comprehensive protection for the network.

The capability to analyze SSL/TLS traffic is critical, given the increasing prevalence of threats masked by encryption. By decrypting the traffic, FortiGate can apply security policies, filter malicious content, and enforce compliance measures, thus enhancing overall network security.

In contrast, other choices suggest actions that do not align with the purpose of SSL inspection. For instance, simply encrypting without inspection would not provide any security benefits, while logging without analysis would leave potential threats unaddressed. Ignoring SSL traffic entirely would expose the network to significant risks, as many cyberattacks now utilize encrypted channels to evade detection.