To block user attempts to log in to non-company resources while using Microsoft Office 365, the Web Filter with Inline-CASB feature in FortiSASE is the most appropriate solution. Inline-CASB (Cloud Access Security Broker) provides real-time visibility and control over cloud application usage. When combined with Web Filtering, it can enforce policies to restrict access to unauthorized or non-company resources within sanctioned applications like Microsoft Office 365. This ensures that users cannot access unapproved cloud resources while still allowing legitimate use of Office 365.
Here's why the other options are incorrect:
B . SSL deep inspection: While SSL deep inspection is useful for decrypting and inspecting encrypted traffic, it does not specifically address the need to block access to non-company resources within Office 365. It focuses on securing traffic rather than enforcing application-specific policies.
C . Data loss prevention (DLP): DLP is designed to prevent sensitive data from being leaked or exfiltrated. While it is a valuable security feature, it does not directly block access to non-company resources within Office 365.
D . Application Control with Inline-CASB: Application Control focuses on managing access to specific applications rather than enforcing granular policies within an application like Office 365. Web Filter with Inline-CASB is better suited for this use case.
Reference:
Fortinet FCSS FortiSASE Documentation - Inline-CASB and Web Filtering
FortiSASE Administration Guide - Securing Cloud Applications