Filter
Top Products
Fortinet 63 FortiWeb 5.0 Patch 6 Administration Guide
Matching topology with operation mode & HA mode
Required physical topology varies by your choice of operation mode. It also varies
depending on whether you will operate a high availability (HA) cluster of FortiWeb appliances.
You may need to consider 1 or 2 of the next sections:
• Topology for reverse proxy mode
• To
pology for either of the transparent modes
• Topology for offline protection mode
• Topologies for high availability (HA) clustering
Topology for reverse proxy mode
This is the default operation mode, and the most common. Most features are supported (see
“Supported features in each operation mode” on page 62).
Page Order Rules Yes Yes Yes No No
Rewriting / Redirection Yes Yes Yes No No
Session Management Yes Yes * Yes * Yes * Yes *
Site Publishing Yes Yes Yes No No
SSL/TLS Offloading Yes N/A No No No
SSLv3 Support Yes N/A Yes ~ Yes ~¶ Yes ~¶
SSLv2 Support Yes N/A No No No
Start Page Enforcement Yes Yes Yes No No
User Authentication Yes Yes
#
Yes No No
X-Forwarded-For: Support Yes No No No No
^ Full configuration sync is not support
ed in reverse proxy mode.
‡ TCP SYN co
okie flood prevention is supported.
§ Only the Ale
rt action is supported.
* Requires that your web applicat
ion have session IDs. See Session Key Word.
~ DSA-encrypted server certificates are not supported.
¶ Dif
fie-Hellman key exchanges are not supported.
#
PKI authentication requires HTTPS.
Table 6: Feature support that varies by operation mode
Feature Operation mode
Reverse
proxy
True transparent
proxy
Transparent
inspection
Offline
protection
HTTP HTTPS