From our side comment from Mcafee Partner and FortiGate Partner.
3.2ATP cloud connection is missingCommon mistake: ATP lack cloud connection.
The Pre-definies address FQDN/IP objects Forti guard has in their list for MCAFEE and GTI are often not 100% accurate. Esp. with provider who offer Round robin (Where one FQDN gives back 30 single IP in lookup). We over months tracked the issue because of GTI problems with several customers (Not TIE customers).
The only current solution is to:
* Fetch the IP List you publish at Mcafee and check it each day? Or check SNS alerts?
* Define single Address Objects or whole net blocks based on your IP ranges (Not FQDN)
* Then use those and custom Policy on FortiGate
This hangs together with FortiGate Address Cache but also that often 2 of like 100 are missing.
I don't have to explain what this means > You have LAG/Latency and stutter on Applications that are sporadic and hard to re-create in labs or IT.
The issues is the MOST important if you use ENS with GTI and don't have a TIE server localy.
It's so important it should be on the FIRST line of the ATP Module Docu in ENS.
If you don't watch the point > People say Mcafee makes systems slow. But it just a mismatch in some IP-list that FortiGate does not manage right.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.