View all questions & answers for the FCSS - Enterprise Firewall 7.4 Administrator Exam Materials exam
Question 10 Discussion
Comments
Selected Answers: C
EFW 7.4 study guide page 287 confirms that,
This slide shows the steps that the first packets of a session go through as they enter, pass though, and exit
FortiGate with SPUs.
FortiGate performs some security inspections early in the life of the packet, such as ACL, HPE, and IP integrity
header checking. FortiGate does this to make sure the packets are within acceptable parameters before allowing
the packet to move through the rest of the processes. These inspections are handled by the network processor in
order to minimize impact on the FortiGate CPU.
Each version of the network processor has criteria that defines which traffic can be offloaded. The network
processor enhances overall performance by allowing offloaded sessions to bypass the FortiGate CPU after the
session is established and the session key is installed in the network processor. The network processor can also
handle IPsec VPN encryption and decryption operations, where the configured encryption and hashing algorithms
are supported in hardware.
The content processor functions like a coprocessor for the FortiGate CPU to improve overall system performance
by offloading certain tasks, such as pattern matching for flow-based unified threat management (UTM) inspection
with the intrusion prevention system (IPS) engine, SSL/TLS decryption and encryption for deep SSL inspection,
and IPsec encryption and decryption operations for supported algorithms.
Note that the packet processing for virtual FortiGate devices is identical with the only difference being that the
CPU handles all processes instead of being able to offload some of them to network and content processors.
What is the initial step performed by FortiGate when handling the first packets of a session? (Choose one answer)
Brave-Dump Clients Votes