How does FortiGate perform SSL inspection?

FortiGate performs SSL inspection by decrypting and then re-encrypting SSL traffic. This process allows FortiGate to analyze the contents of SSL-encrypted communications for threats, malware, or any unauthorized content while still maintaining the security and integrity of the SSL connections.

When SSL (Secure Sockets Layer) traffic is transmitted, it is encrypted to provide confidentiality and security for data in transit. To inspect this type of traffic, FortiGate temporarily breaks the encryption, examines the data for malicious activity, and then re-encrypts it before sending it to the intended destination. This method ensures that users are still protected from potential threats while allowing the security device to actively monitor and manage encrypted traffic.

The other options do not accurately describe the process. Forwarding SSL traffic to external servers does not facilitate inspection but merely directs the traffic elsewhere, potentially bypassing security checks. Blocking all SSL traffic would hinder legitimate secure communications, while allowing only approved SSL certificates does not enable inspection of the traffic itself but instead regulates which certificates can be trusted. Thus, the selected method of decrypting and re-encrypting traffic is the correct and effective approach for SSL inspection implemented by FortiGate.