Thank you for sharing the document @spederse 

@spederse 

Thank you.

From our side comment from Mcafee Partner and FortiGate Partner.

3.2ATP cloud connection is missingCommon mistake: ATP lack cloud connection.

The Pre-definies address FQDN/IP objects Forti guard has in their list for MCAFEE and GTI are often not 100% accurate. Esp. with provider who offer Round robin (Where one FQDN gives back 30 single IP in lookup). We over months tracked the issue because of GTI problems with several customers (Not TIE customers).

The only current solution is to:

* Fetch the IP List you publish at Mcafee and check it each day? Or check SNS alerts?

* Define single Address Objects or whole net blocks based on your IP ranges (Not FQDN)

* Then use those and custom Policy on FortiGate

This hangs together with FortiGate Address Cache but also that often 2 of like 100 are missing.

I don't have to explain what this means > You have LAG/Latency and stutter on Applications that are sporadic and hard to re-create in labs or IT.

The issues is the MOST important if you use ENS with GTI and don't have a TIE server localy.

It's so important it should be on the FIRST line of the ATP Module Docu in ENS.

If you don't watch the point > People say Mcafee makes systems slow. But it just a mismatch in some IP-list that FortiGate does not manage right.

@spederse 

out of curiosity, is there a final version or another, later, draft version?  i mean, this draft is very good and i'm happy to use it.  just wondering if there is anything newer.