Decrypt traffice

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Decrypt traffice

Not applicable

Is there a reason you wouldn't want to decrypt traffic like:  Shopping

2 REPLIES 2

L6 Presenter

In my opinion, specially when it comes using PA towards Internet, you should decrypt everything and stuff that cannot be decrypted shouldnt be allowed through.

Windowsupdate can be handled separately (for example if you setup a WSUS and only let WSUS server go for windowsupdate on the Internet using appid windowsupdate).

The tricky part is how this cert whitelist which PA uses affects decryption. Will this whitelist always overrule decrypt settings or will a "deny flows which cannot be decrypted" overrule the whitelist - perhaps someone from PA could clearify?

Anyway - there might be countries/places where you are not supposed/allowed to decrypt stuff on the road. Banking/Financial seems to be a common example.

Otherwise it can be for performance reasons which you dont want to decrypt certain categories but in my opinion this is bad...


Your environment may wary from mine.
My reason for using decrypt is to see what hides inside.  Checking the traffic is an attempt to look for and stop unwanted traffic.

So is it likely the “Shopping” may contain things that you do not want in your environment?
My 5 cents is that “Shopping” is not likely to contain malware in the encrypted stream.  “Shopping” is likely to have some payment options (credit card numbers ). Are you allowed to view those ?
Decrypt may break some payment options (used in “shopping”). 
Or you may want to limit or block shopping during work hours ?

Decrypting traffic may also have legal consequences. Your geographic location and laws that apply to your company, may influence your outcome. US and EU view of “privacy” are somewhat different.

/ Regards Paul M

  • 1999 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!