Decryption Broker with Policy Based Forwarding

Reply
L0 Member

Decryption Broker with Policy Based Forwarding

Hello,

 

I'd like to know if it is possible to use decryption broker with policy based forwarding on the same interface of the policy based forwarding as the scenarios is as the following :

We have a Bluecoat proxy connected to Palo Alto firewall using Policy Based Forwarding/Routing (PBR) so we want to know the possibility of making ssl decryption on palo alto and use decryption broker to send the traffic decrypted to Bluecoat on the Policy Based Forwarding interface.

L7 Applicator

Re: Decryption Broker with Policy Based Forwarding

Hello,

You should be able to do this with several policy based forwarding policies. One would send traffic to the BlueCoat, and the other would send the traffic received from that interface to a different destination. However I would caution on this as you can overwhelm that interface pretty easily, so using two might be a better idea. 

 

I would obviously say that your PAN can do what the BlueCoat does and more, so use the PAN and skip the BlueCoat.

 

Regards,

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!