How do you handle SSL traffic decrypted by the FW?


Twitter Q24.

 

From: Terry Bates @terryb8s

 

Question:
"#AskPANW How do you handle SSL traffic decrypted by the FW where the underlying application uses a non-standard port, e.g. not app default?"

Palo Alto Networks Guru

If the application is running on a non-default port, for example, LDAPS on TCP/636, using a specific Service Object (in this case, TCP/636) instead of "Application Default" in combination with the "ldap" App-ID will permit the firewall to decrypt the stream, and inspect traffic contained within the tunnel to deliver App-ID & Content-ID capabilities.

 

For more information, see https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/decryption/create-a-decryption-polic... , and https://www.paloaltonetworks.com/documentation/71/pan-os/pan-os/policy/define-the-initial-internet-g... for an example on using Application Default and specific Service Objects within a Security Policy rulebase.
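A worked configuration for the approach described in the answer above, added here as an illustration and not taken from the original post or from Palo Alto Networks documentation. It is written as PAN-OS CLI set commands from memory; the rule names, the trust/untrust zone names and the 10.0.0.25 server address are assumptions, and decryption-rule keywords differ between PAN-OS releases, so confirm each command with the CLI's tab completion before committing.

```text
# Added example, not from the original post. Lines starting with # are
# annotations, not CLI syntax; omit them when pasting. Zone names, rule
# names and the 10.0.0.25 address are placeholders (assumptions).
configure

# 1. A Service Object for the non-default port the application really uses.
set service LDAPS-636 protocol tcp port 636

# 2. Decryption rule. Decryption policy matches on service/port, not on
#    App-ID, because the inner application cannot be identified until the
#    TLS session has been proxied, so the rule must name the same port.
set rulebase decryption rules Decrypt-LDAPS from trust to untrust source any destination 10.0.0.25 service LDAPS-636 category any action decrypt type ssl-forward-proxy

# 3. Security rule. Pair the "ldap" App-ID with the explicit Service Object
#    instead of application-default, so the decrypted ldap stream on TCP/636
#    is allowed without widening the rule to "service any".
set rulebase security rules Allow-LDAPS-636 from trust to untrust source any destination 10.0.0.25 source-user any category any application ldap service LDAPS-636 action allow

commit
exit

# 4. Verify: sessions identified as ldap on TCP/636 after decryption, and
#    the proxy (decryption) counters moving.
show session all filter application ldap destination-port 636
show counter global filter category proxy
```

Two practical checks follow from this. First, keep the security rule's service pinned to the Service Object rather than "any": App-ID already constrains the application, and the explicit port keeps the rule as narrow as application-default would have. Second, if the LDAPS server is behind the firewall and you hold its private key, the decryption rule should use SSL Inbound Inspection with that certificate instead of the forward-proxy type shown here; the service-matching point is the same either way.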
