All traffic passing trough the FortiBridge is sent to the FortiGate to be analyzed. If the FortiGate allows it, it will go back to the FortiBridge.Bypass
The FortiBridge constantly probes (Heartbeats, Pings, HTTP) the FortiGate. If it does not answer back, the FortiBridge forwards the Traffic normally without sending it to the FortiGate.Tap
The FortiBridge forwards the traffic normally and also sends it to the FortiGate to be analyzed. FortiGate is configured to take no actions and only analyzes the traffic.Failcutoff
The FortiBridge constantly probes (Heartbeats, Pings, HTTP) the FortiGate. If it does not answer back, the FortiBridge may work in Bypass mode (as explained above) or in Failcutoff mode, where if one of its links fails all others also fail.Using the CLI, a segment can be manually set into Inline, Bypass, TAP or Fail-cutoff mode. All probes must be disabled before the mode can be set.
config probe probe-list heartbeat
set status disable
end
config probe probe-list ping
set status disable
end
config probe probe-list http
set status disable end
execute switch-mode <inline|bypass|tap|failcutoff>
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.