Google Mail for Business

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Google Mail for Business

Not applicable

Hi all,

Anyone has experience in using SSL decryption with Google Mail for Business? My concerns are the incoming emails will no longer go thru our mail content filtering engine and we don't have adequate tools to prevent data loss in outgoing mails (it's over SSL). This could be partially mitigated by using SSL decryption feature on the firewall.

My questions include:

- what is the performance impact to the firewall and user?

- Is it one SSL session to Google Mail for multiple users or one SSL session per user?

- can SSL decryption be used together with pattern filtering (e.g., searching for keywords)?

Thanks!

Peter Pan

1 accepted solution

Accepted Solutions

L3 Networker

Here is a link from the paloaltonetworks site that will help you with the performance questions:

Datasheets

Here is a link that will help explain the use of SSL decryption for use with threat prevention:

Selective SSL Decryption for Threat Prevention

I have not noticed any impact to the end user or firewall when deploying SSL decryption, just be aware of the limits described in the datasheets for the platform you are using.  As far as the number of sessions for users going to GMail Biz, it will be several sessions per user.  You can see this by going to the CLI and running the command:

> show session all filter application ssl

Then go to Gmail and run the command again.  You will see that you generated several new sessions.

Yes, you can use pattern matching and data filtering after SSL decryption happens.

Hope this answers your questions,

-chadd.

View solution in original post

1 REPLY 1

L3 Networker

Here is a link from the paloaltonetworks site that will help you with the performance questions:

Datasheets

Here is a link that will help explain the use of SSL decryption for use with threat prevention:

Selective SSL Decryption for Threat Prevention

I have not noticed any impact to the end user or firewall when deploying SSL decryption, just be aware of the limits described in the datasheets for the platform you are using.  As far as the number of sessions for users going to GMail Biz, it will be several sessions per user.  You can see this by going to the CLI and running the command:

> show session all filter application ssl

Then go to Gmail and run the command again.  You will see that you generated several new sessions.

Yes, you can use pattern matching and data filtering after SSL decryption happens.

Hope this answers your questions,

-chadd.

  • 1 accepted solution
  • 2234 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!