Published: 2025-08-01
Optimization of Data Security Protection with Full SSL Inspection on AWS Using FortiGate Virtual Appliance
DOI: 10.35870/ijsecs.v5i2.5153
Yuma Akbar, Gipari Pradina Abdillah
- Yuma Akbar: Sekolah Tinggi Ilmu Komputer Cipta Karya Informatika
- Gipari Pradina Abdillah: Sekolah Tinggi Ilmu Komputer Cipta Karya Informatika
Abstract
The expanding adoption of cloud services, particularly Amazon Web Services (AWS), has intensified challenges in protecting encrypted data traffic within network security frameworks. SSL/TLS protocols, widely utilized for data encryption, have become exploitation vectors for cyber adversaries as conventional security solutions lack the capability to scrutinize encrypted traffic effectively. The research addresses such security gaps by implementing Full SSL Inspection through Fortigate Virtual Appliance deployment within AWS cloud environments. The study examines cloud-based network architecture integrated with Fortigate systems, employing methodologies that encompass virtual appliance installation, SSL/TLS inspection feature configuration, and assessment of system effectiveness alongside performance impact evaluation. Research instruments include simulated cyber-attack scenarios targeting encrypted traffic patterns. Findings demonstrate that Full SSL Inspection significantly enhances threat detection capabilities within network traffic, albeit with measurable increases in system latency and computational overhead. The implementation of Fortigate Virtual Appliance proves effective in strengthening AWS data security postures. Research outcomes emphasize the necessity for configuration optimization to maintain security-performance equilibrium, positioning the solution as viable for organizations prioritizing data protection strategies
Keywords
SSL Inspection ; Fortigate 7.6 ; AWS ; Encryption ; Decryption ; Cloud Security
Downloads
Article Information
This article has been peer-reviewed and published in the International Journal Software Engineering and Computer Science (IJSECS). The content is available under the terms of the Creative Commons Attribution 4.0 International License.
-
Issue: Vol. 5 No. 2 (2025)
-
Section: Articles
-
Published: August 1, 2025
-
License: CC BY 4.0
-
Copyright: © 2025 Authors
-
DOI: 10.35870/ijsecs.v5i2.5153
AI Research Hub
This article is indexed and available through various AI-powered research tools and citation platforms. Our AI Research Hub ensures that scholarly work is discoverable, accessible, and easily integrated into the global research ecosystem. By leveraging artificial intelligence for indexing, recommendation, and citation analysis, we enhance the visibility and impact of published research.
Yuma Akbar
Information Systems Study Program, Faculty of Computer Science, Sekolah Tinggi Ilmu Komputer Cipta Karya Informatika, East Jakarta City, Special Capital Region of Jakarta, Indonesia
Gipari Pradina Abdillah
Information Systems Study Program, Faculty of Computer Science, Sekolah Tinggi Ilmu Komputer Cipta Karya Informatika, East Jakarta City, Special Capital Region of Jakarta, Indonesia
-
Cisco. (2020). SSL/TLS Proxy for Decryption of TLS Traffic.
-
Fortinet. (2016). Transforming Your Security A New Era In Enterprise Firewalls.
-
Wakoli, L. W. (2024). Secure Sockets Layer/Transport Layer Security for E-Commerce. International Journal of Scientific Research and Management, 12(12). https://doi.org/10.18535/ijsrm/v12i12.em03
-
McCarthy, C., & Zincir-Heywood, A. N. (2022). An Investigation on Identifying SSL Traffic. IEEE Access. https://doi.org/10.1109/ACCESS.2022.1234567
-
ZScaler. (2024). TLS/SSL Inspection with Zscaler Internet Access™.
-
Fortinet. (2025). FortiGate®-VM on Amazon Web Services.
-
Amazon Web Services. (2025). Overview of Amazon Web Services.
-
Kewate, N., Raut, A., Dubekar, M., Raut, Y., & Patil, A. (2022). A Review on AWS - Cloud Computing Technology. International Journal for Research in Applied Science and Engineering Technology. https://doi.org/10.22214/ijraset.2022.39802
-
Ibrahim, A. (2020). Secure Socket Layer: Fundamentals and Certificate Verification. https://doi.org/10.31224/3532
-
Gudelli, V. R. (2023). AI-powered insights for performance optimization in AWS cloud environments. International Journal of Scientific Research and Archives, 10(2). https://doi.org/10.30574/ijsra.2023.10.2.1033
-
Arbie, F. R., & Raharjo, M. (2024). Implementasi Keamanan Jaringan Dengan Metode Security Profiles Menggunakan Fortigate Pada Komisi Aparatur Sipil Negara. Jurnal Informatika dan Teknologi, 10(1). https://doi.org/10.54914/jit.v10i1.1060
-
Naseer, I. (2023). AWS Cloud Computing Solutions: Optimizing Implementation for Businesses. Scientific Computing and Information Research, 5(2). https://doi.org/10.52700/scir.v5i2.138
-
Abdillah, G. P., Notonegoro, D. S., Susanto, H., & Mulyana, D. I. (2024). Optimasi Keamanan Jaringan Vpn Ipsec Tunnel Fortigate Dengan Aes. International Conference on Computing, 7(5). https://doi.org/10.31539/intecoms.v7i5.11499
-
Mulyana, D. I., Ardiyansyah, F., Hidayat, N., & Zulfikar, A. (2024). Optimasi Keamanan Jaringan Wifi dari Situs Judi Online dan Pornografi dengan DNS Filtering dan Orange Pi. Malcom Journal, 4(2). https://doi.org/10.57152/malcom.v4i2.1274
-
Dharmawan, N., Indriyanta, G., & Senapartha, I. K. D. (2022). Analisis Keamanan Jaringan Universitas Kristen Duta Wacana Dengan Serangan SSL/TLS. Jurnal Teknik Elektro dan Informatika, 62. https://doi.org/10.21460/jutei.2022.62.214
-
Fauziah, A. D. N., Nirwana, H., Litha, A., & Mahjud, I. (2022). Analisis Penerapan Teknologi Traffic Steering SD-WAN Menggunakan Perangkat Forti Gate. Elekterika, 6(2). https://doi.org/10.31963/elekterika.v6i2.3478
-
Yu, D.-Y. (2020). Data Encryption Method of SSL Digital Authentication Signature System Based On Privacy Protection. In 2020 International Conference on Machine Learning and Artificial Intelligence. https://doi.org/10.1109/ICMTMA50254.2020.00016
-
Razumov, P., Cherckesova, L., Revyakina, E., Morozov, S., Medvedev, D., & Lobodenko, A. (2023). Ensuring the security of web applications operating on the basis of the SSL/TLS protocol. E3S Web of Conferences, 402. https://doi.org/10.1051/e3sconf/202340203028
-
Mubarok, M. S., & Herdiansyah, M. I. (2023). Implementasi Cloud Computing Amazon Web Services (AWS) Pada Web Reservasi Kamar Hotel. Klik Journal, 4(2). https://doi.org/10.30865/klik.v4i2.1212
-
Jaya, D. P., Aspriyono, H., & Suryana, E. (2021). Implementasi Keamanan Jaringan Komputer Menggunakan Fortigate Sebagai Firewall pada Lab Komputer IAIN Bengkulu. Gatotkaca Journal, 2(1), 31-38. https://doi.org/10.37638/gatotkaca.2.1.31-38
-
Dewi, S., & Islami, A. I. (2021). Implementasi Web Filtering Menggunakan Router Fortigate FG300D. Infotek Journal, 2(1). https://doi.org/10.31294/instk.v2i1.424
-
Balajee, R. M., & Jayanthi Kannan, M. K. (2023). Intrusion Detection on AWS Cloud through Hybrid Deep Learning Algorithm. Electronics, 12(6). https://doi.org/10.3390/electronics12061423
-
Khandkar, V. S., & Hanawal, M. K. (2021). Masking Host Identity on Internet: Encrypted TLS/SSL Handshake. arXiv preprint. https://doi.org/10.48550/arXiv.2101.04556
-
Suryantoro, H., Sopian, A., & Dartono. (2021). Penerapan Teknologi Fortigate Dalam Pembangunan Jaringan Vpn-Ip Berbasis Ipsec. Journal of Engineering and Information Systems, 1(1). https://doi.org/10.56486/jeis.vol1no1.64
-
Al-Mohamad, A. (2024). Performance Evaluation Of Firewall Technologies. World Journal of Information Technology, 30(6). https://doi.org/10.61784/wjit3006
-
Duddu, S., Sai, A. R., Sowjanya, C. L. S., Rao, G. R., & Siddabattula, K. S. (2020). Secure Socket Layer Stripping Attack Using Address Resolution Protocol Spoofing. In 2020 4th International Conference on Intelligent Computing and Control Systems. https://doi.org/10.1109/ICICCS48265.2020.9120993
-
Alite, E., Shurdi, O., Gjonaj, A., Tafa, I., & Pole, E. (2020). Deep SSL Inspection with Active Directory Integration. Zenodo. https://doi.org/10.5281/zenodo.4249738
-
Pandey, J., Rai, S., & Srivaramangai, R. (2023). Assessment of Deep Packet Inspection System of Network traffic and Anomaly Detection. International Journal of Scientific Research in Science, Engineering and Technology, 31(8). https://doi.org/10.32628/IJSRSET23103108
-
Trend Micro. (2017). Threat Protection System SSL Inspection Best Practices.
-
Sinlae, A. A. J., Swari, M. H. P., Sinaga, F. M., Prasetyo, Y. P. W., Megawan, S., Gunawan, P. W., Saskara, G. A. J., Satwika, I. K. S., Bernadus, I. N., Hadi, A., Pracasitaram, I. G. M. S. B., & Santyadiputra, G. S. (2024). Buku Ajar Jaringan Komputer.
-
Wahsheh, L. A., & Alves-Foss, J. (2008). Security policy development: Towards a life-cycle and logic-based verification model. American Journal of Applied Sciences, 5(9), 1117-1126.
-
Lukman, L., & Suci, M. (2020). Analisis perbandingan kinerja snort dan Suricata sebagai intrusion detection system dalam mendeteksi serangan syn flood pada web server Apache. Respati, 15(2), 6-15.
-
Goldman, E. (2024). Bring on the policy entrepreneurs. Issues in Science and Technology, 40(2), 49-51.
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright and Licensing Agreement
Authors who publish with this journal agree to the following terms:
1. Copyright Retention and Open Access License
- Authors retain full copyright of their work
- Authors grant the journal right of first publication under the Creative Commons Attribution 4.0 International License (CC BY 4.0)
- This license allows unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited
2. Rights Granted Under CC BY 4.0
Under this license, readers are free to:
- Share — copy and redistribute the material in any medium or format
- Adapt — remix, transform, and build upon the material for any purpose, including commercial use
- No additional restrictions — the licensor cannot revoke these freedoms as long as license terms are followed
3. Attribution Requirements
All uses must include:
- Proper citation of the original work
- Link to the Creative Commons license
- Indication if changes were made to the original work
- No suggestion that the licensor endorses the user or their use
4. Additional Distribution Rights
Authors may:
- Deposit the published version in institutional repositories
- Share through academic social networks
- Include in books, monographs, or other publications
- Post on personal or institutional websites
Requirement: All additional distributions must maintain the CC BY 4.0 license and proper attribution.
5. Self-Archiving and Pre-Print Sharing
Authors are encouraged to:
- Share pre-prints and post-prints online
- Deposit in subject-specific repositories (e.g., arXiv, bioRxiv)
- Engage in scholarly communication throughout the publication process
6. Open Access Commitment
This journal provides immediate open access to all content, supporting the global exchange of knowledge without financial, legal, or technical barriers.