In a network where an administrator enables SSL inspection and antivirus, what is a potential limitation when inspecting HTTPS?

When SSL inspection is enabled on a network, the process requires that the encrypted HTTPS traffic is decrypted to allow for thorough inspection of the content. This decryption is necessary for both security features to function effectively, including antivirus scanning. Without the decryption, the security appliances would only see the encrypted stream and not be able to analyze malicious payloads or other threats embedded within the traffic.

This limitation signifies that for SSL inspection to work properly, the FortiGate device must act as a man-in-the-middle in the encrypted communication. The device will generate its own SSL certificate for the site being accessed, which clients will need to trust in order to avoid certificate errors. As a result, when implementing SSL inspection, the decryption of traffic becomes an essential step to maintain security effectiveness, hence this choice accurately reflects a fundamental aspect of how HTTPS inspection operates.