SSL Decryption Time Suck

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

SSL Decryption Time Suck

L3 Networker

Has anyone else noticed a high level of effort required to support SSL Decryption on the PA's?  We have this feature activated on a few clusters and this seems to be one of the most time intensive efforts to support with weekly (if not daily) SSL Decryption bypasses for various websites.

2 REPLIES 2

L7 Applicator

I experience similar, so bad that as soon as we have a call logged regarding a failed website we firstly stick it in the no decrypt rule before trying anything else.

 

i can understand some sites that cannot be decrypted as they are not sticking to certsin regulations and that some sites also avoid mim, but even though a non decrypted site is alloed to pass decrypted we still have sites that will only work if in the no decrypt rule.

 

mainly tagging this for update notification as someone is sure to enlighten...

plus... If it all worked smoothley, i would be out of a job... Lol.

L3 Networker

This is definately an area that could use attention.  There are over 2,000 threads when I search in the forums here.  That is pretty significant number.

 

ssl-threads.png

  • 1876 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!