Download FCSS-FortiSASE 24 Administrator.FCSS_SASE_AD-24.Actual4Test.2026-05-20.95q.tqb

If the daily summary report generated by FortiSASE contains very little data, one possible explanation is that the "Log allowed traffic" setting is configured to log only "Security Events" for all policies. This configuration limits the amount of data logged, as it only includes security events and excludes normal allowed traffic.* Log Allowed Traffic Setting:* The "Log allowed traffic" setting determines which types of traffic are logged.* When set to "Security Events," only traffic that triggers a security event (such as a threat detection or policy violation) is logged.* Impact on Report Data:* If the log setting excludes regular allowed traffic, the amount of data captured and reported is significantly reduced.* This results in reports with minimal data, as only security-related events are included.References:FortiOS 7.2 Administration Guide: Provides details on configuring logging settings for traffic policies.FortiSASE 23.2 Documentation: Explains the impact of logging configurations on report generation and data visibility.

When configuring FortiSASE Secure Private Access (SPA) with SD-WAN integration, establishing a routing adjacency between FortiSASE and the FortiGate SD-WAN hub requires the use of the Border Gateway Protocol (BGP).* BGP (Border Gateway Protocol):* BGP is widely used for establishing routing adjacencies between different networks, particularly in SD-WAN environments.* It provides scalability and flexibility in managing dynamic routing between FortiSASE and the FortiGate SD-WAN hub.* Routing Adjacency:* BGP enables the exchange of routing information between FortiSASE and the FortiGate SD- WAN hub.* This ensures optimal routing paths and efficient traffic management across the hybrid network.References:FortiOS 7.2 Administration Guide: Provides information on configuring BGP for SD-WAN integration.FortiSASE 23.2 Documentation: Details on setting up routing adjacencies using BGP for Secure Private Access with SD-WAN.

To resolve internal hostnames using internal DNS servers for remotely connected endpoints, the following two components must be configured on FortiSASE:Split DNS Rules:Split DNS allows the configuration of specific DNS queries to be directed to internal DNS servers instead of public DNS servers.This ensures that internal hostnames are resolved using the organization's internal DNS infrastructure, maintaining privacy and accuracy for internal network resources.Split Tunneling Destinations:Split tunneling allows specific traffic (such as DNS queries for internal domains) to be routed through the VPN tunnel while other traffic is sent directly to the internet.By configuring split tunneling destinations, you can ensure that DNS queries for internal hostnames are directed through the VPN to the internal DNS servers.Reference:FortiOS 7.2 Administration Guide: Provides details on configuring split DNS and split tunneling for VPN clients.FortiSASE 23.2 Documentation: Explains the implementation and configuration of split DNS and split tunneling for securely resolving internal hostnames.

The agentless remote user internet access use case is designed to minimize individual endpoint configuration. In this scenario, FortiSASE provides secure internet access without requiring the installation of an agent on the endpoint device. This approach is particularly useful for environments with unmanaged devices or temporary users, as it eliminates the need for complex configurations on each endpoint. Instead, security policies are enforced at the network level, ensuring consistent protection without relying on endpoint-specific software.