https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/250804#M71324 <BLOCKQUOTE><HR /><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/90797">@magates</a>&nbsp;wrote:<P class="1550787162413">&nbsp;</P><P>Additionally, if anyone has any tips or potential gotchas in implementing this, I'd appreciate any info!</P><HR /></BLOCKQUOTE><P>&nbsp;</P><P>&nbsp;</P><P>What method of detection were you planning on using?</P> Thu, 21 Feb 2019 22:12:53 GMT Brandon_Wertz 2019-02-21T22:12:53Z https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/250667#M71284 <P>I'm planning to implement credential phishing prevention, but in looking over the documentation, all of the examples use HTTP and no mention is made of SSL sites. I would like to confirm whether it works or not, within the inherent limitations of SSL inspection.</P><P>&nbsp;</P><P>Additionally, if anyone has any tips or potential gotchas in implementing this, I'd appreciate any info!</P> Wed, 20 Feb 2019 21:24:35 GMT https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/250667#M71284 magates 2019-02-20T21:24:35Z https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/250686#M71287 <P>It definitely works with HTTPS, but you do need to decrypt that traffic. There is no way the firewall can inspect the traffic if the data is encrypted.</P> Thu, 21 Feb 2019 00:46:04 GMT https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/250686#M71287 gwesson 2019-02-21T00:46:04Z https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/250804#M71324 <BLOCKQUOTE><HR /><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/90797">@magates</a>&nbsp;wrote:<P class="1550787162413">&nbsp;</P><P>Additionally, if anyone has any tips or potential gotchas in implementing this, I'd appreciate any info!</P><HR /></BLOCKQUOTE><P>&nbsp;</P><P>&nbsp;</P><P>What method of detection were you planning on using?</P> Thu, 21 Feb 2019 22:12:53 GMT https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/250804#M71324 Brandon_Wertz 2019-02-21T22:12:53Z https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/251577#M71539 <P>I intend to use <SPAN class="ph uicontrol">Domain Credential Filter</SPAN>. We already have RODC and it sounds like that method is most accurate.</P> Wed, 27 Feb 2019 20:46:45 GMT https://live.paloaltonetworks.com/t5/general-topics/credential-phishing-prevention-with-ssl/m-p/251577#M71539 magates 2019-02-27T20:46:45Z