Fortinet and HSM


Is it possible to store the keys for intercepting TLS sessions in the Web Filter with an HSM device? I looked at the manuals and only found references to the FortiADC.

If it is possible would you mind answering these questions?

  • Is the key transaction made once per TLS session, or at machine startup?
  • Would you recommend against having a HSM centrally and connecting to it over the internet?
  • Is there any other ways to protect the keys in remote locations?

Any reply is most appreciated!

Kind regards,