I am planning to forward all traffic to traffic collection tool.
As I know there are "Decryption Mirroring" (https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/decryption/decryption-concepts/decryption...) and it will forward the traffic after decryption.
I would like to know if the traffic is non-encrypted traffic such as http, will it also forward out from the Decrypt Mirror interface?
Thanks for introduce a new feature.
But it is a broker (need a interface for return traffic), can it used for mirroring (only one output interface) like a SPAN?
Since I am not familiar with decryption policy,
If I set the service of decryption policy as ANY, will http/DNS (non-encrypted traffic) also hit this rule and forward out through Decryption Mirroring interface?
+1 to the above. Decryption mirror will not forward traffic in the manor you are desiring. Packet broker gets a lot closer and satisfies most requirements, but the best way is a downstream/upstream switch mirror the traffic going to the NGFW, in my opinion.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!