nse7_zta-72 Exam Questions

nse7_zta-72 Exam - Question 17


An administrator wants to prevent direct host-to-host communication at layer 2 and use only FortiGate to inspect all the VLAN traffic.

What three things must the administrator configure on FortiGate to allow traffic between the hosts? (Choose three.)

Correct Answer: ABD

To prevent direct host-to-host communication at layer 2 and ensure all VLAN traffic is inspected by FortiGate, an administrator must block intra-VLAN traffic in the VLAN interface settings to prevent direct communication (A). Adding the VLAN interface to a software switch allows FortiGate to handle the traffic (B). Configuring a firewall policy is essential to allow the desired traffic to pass between hosts as all traffic will be routed through FortiGate (D). Static routes and proxy ARP are not necessary for this specific requirement.

Discussion

3 comments
E_Nick
Options: ADE
Apr 3, 2024

Microsegmentation: Blocking intra-VLAN traffic; prevents Layer 2 connectivity between endpoints in the same VLAN. All traffic passes through the FortiGate. When intra-VLAN traffic is enabled, to allow traffic in the same VLAN, you must enable a firewall policy and proxy ARP on the FortiGate.

lil_pc1972
Options: ADE
Mar 25, 2024

Microsegmentation: Blocking intra-VLAN traffic; prevents Layer 2 connectivity between endpoints in the same VLAN. All traffic passes through the FortiGate. When intra-VLAN traffic is enabled, to allow traffic in the same VLAN, you must enable a firewall policy and proxy ARP on the FortiGate.

Osirisdt89
Options: ADE
Apr 30, 2024

Correct answer ADE