SSL decryption policy for all HTTPS traffic

Reply
Highlighted
L3 Networker

SSL decryption policy for all HTTPS traffic

Hi,

Is there a way to have a policy for the purpose of not decrypting all https traffic?

Thank you.


Accepted Solutions
Highlighted
L7 Applicator

That's the problem... the application _IS_ SSL until you decrypt it.  You must decrypt it in order to see what is inside. 

View solution in original post


All Replies
Highlighted
L7 Applicator

Hello Sir,

If i understand your requirement correctly, are you looking for an option to bypass Decryption policy. If so, there is a facility to negate source and destination address as mentioned below.

Decryption-policy.JPG.jpg

Thanks

Highlighted
L3 Networker

What I would like is, to be able to NOT DECRYPT any web browsing traffic on port 443.

I have looked at creating a Decryption Policy Rule, but I don't have an option to add the application, it is only seem to be based on source and destination, as well as URL category.

Highlighted
L7 Applicator

That's the problem... the application _IS_ SSL until you decrypt it.  You must decrypt it in order to see what is inside. 

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!