To block user attempts to log in to non-company resources while using Microsoft Office 365, the Web
Filter with Inline-CASB feature in FortiSASE is the most appropriate solution. Inline-CASB (Cloud
Access Security Broker) provides real-time visibility and control over cloud application usage. When
combined with Web Filtering, it can enforce policies to restrict access to unauthorized or non-
company resources within sanctioned applications like Microsoft Office 365. This ensures that users
cannot access unapproved cloud resources while still allowing legitimate use of Office 365.
Here’s why the other options are incorrect:
B . SSL deep inspection: While SSL deep inspection is useful for decrypting and inspecting encrypted
traffic, it does not specifically address the need to block access to non-company resources within
Office 365. It focuses on securing traffic rather than enforcing application-specific policies.
C . Data loss prevention (DLP): DLP is designed to prevent sensitive data from being leaked or
exfiltrated. While it is a valuable security feature, it does not directly block access to non-company
resources within Office 365.
D . Application Control with Inline-CASB: Application Control focuses on managing access to specific
applications rather than enforcing granular policies within an application like Office 365. Web Filter
with Inline-CASB is better suited for this use case.
Reference:
Fortinet FCSS FortiSASE Documentation - Inline-CASB and Web Filtering
FortiSASE Administration Guide - Securing Cloud Applications
================
