I plan to put in place a SSL decryption rule to decrypt ssl traffic (SSL forward proxy). But I don't want decrypt traffic for several categories of website such as financial (bank website). I haven't the URL filtering license. I create a first rule "Do not decrypt" where I specify "Financial-services" in the URL category but when I test and reach a bank website, the certificate has been replaced by the certificate confiuged for decryption. Is-it because I haven't the URL filtering licenses ? And if I create on PA an URL category "Do-not-decrypt" with bank website used for the test and add this custom category in the rule "Do not decrypt", the website is not decrypted.
Do you know where I can find a list of bank site to be imported in the URL category created ?
First, I am not a paloalto employee but this sounds like you should buy the URL filtering license ... or why don't you us the decryption opt-out response page to inform the users about the decryption and maybe also **bleep** should reach out to you when the access a banking website that is decrypted?
In general, I assume it could be difficult to find a list as keeping this list current is not that easy (which is why companys want you to pay money for this service :P )
... or you simply start creating your own list ;)
Agreed with @vsys_remo, if you want to do something like this it would actually make more sense to actually purchase the URL Filtering license so you can actually get category updates.
FYI, I actually use the URL categories and manually maintain a list of some of the smaller banks that I know my end-users utilize to ensure that we aren't decrypting banking information if we can at all help it.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!