We currenly have a Palo-5050 v7.18 doing firewalling and URL filtering.
We have SSL decryption enabled.
Because Palo does not support transparent authentication using Chromebooks and because we do not like the Palo URL reporting, we are looking at getting rid of the URL filtering part.
Do we still need to have SSL decryption enabled for normal firewall apps and function?
If yes, does that mean we would need to have multiple SSL certs installed on our client devices:
1 for Palo SSL decyption
1 for new URL filtering product
Depends on the application you are trying to catch and the need to see threats, short answer is yes you want to decrypt the traffic more than likely so leave that on.
If your new URL filtering product requires SSL decrytion then it will need this as well. I imagine that in a school enviroment you are probably looking at something like a Barracuda, in which case it helps to have SSL decryption enabled and you would need the required certs to configure this correctly loaded onto the client devices.
Decryption would be better for application and threat detection. If not, we might not see the application shift which may happen after the base application is read. Decryption requires a certificate which is marked as CA and the private key should be on the firewall. You could have 2 different certificates for Palo Alto, URL filtering service. However, you could also export certificate from one device and import it into another (PA can do that, not sure about the other device).
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!