SSL Decryption

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

SSL Decryption

L2 Linker

With SSL Decryption it is recomended that Financial services & Medical category is not decrypted.

My question is how do you ensure that sites that should not be decrypted are not i.e. JP Morgan is clearly a Financial services and will not get decrypted. 

But if a user were to access a very obsecure Financial Website it may be classified incorrectley as such would get decrypted, the user would not know this is happneing.

 

Is there any logs in the PA that one can look at get see this type of mis-clasification.

 

 

2 accepted solutions

Accepted Solutions

L6 Presenter

Short answer...No.

 

The only way you're gonna know is if you know the site and submit it for re-categorization.

 

The rationale for not intercepting finanicial is 2-fold.  The first being PII reasons.  The second being usually these types of sites more often than not are more prone to not working when intercepted.

 

If you're intercepting a site like this and users are expereincing problems you'll know and will have the chance to re-categorize it.

View solution in original post

Depends also for which clients you are intercepting and for which purpose.

 

A more strict policy is that stuff that cannot be intercepted (or is not allowed to) will be blocked (meaning you cant visit that financial site from your workstation at work as an example).

 

If you must know which sites you are "bypassing" SSL-termination for and URL-category isnt enough then create a custom URL-category where you put in your "whitelisted" sites into.

 

Will take some time and effort but at the same time - how many financial sites (that is truly financial sites - not just forums where the topic is financial related) does your clients visit? And how many new lets say banks to there show up which you then need to whitelist?

 

I guess you might have some work the first few days but then it will level out...

View solution in original post

2 REPLIES 2

L6 Presenter

Short answer...No.

 

The only way you're gonna know is if you know the site and submit it for re-categorization.

 

The rationale for not intercepting finanicial is 2-fold.  The first being PII reasons.  The second being usually these types of sites more often than not are more prone to not working when intercepted.

 

If you're intercepting a site like this and users are expereincing problems you'll know and will have the chance to re-categorize it.

Depends also for which clients you are intercepting and for which purpose.

 

A more strict policy is that stuff that cannot be intercepted (or is not allowed to) will be blocked (meaning you cant visit that financial site from your workstation at work as an example).

 

If you must know which sites you are "bypassing" SSL-termination for and URL-category isnt enough then create a custom URL-category where you put in your "whitelisted" sites into.

 

Will take some time and effort but at the same time - how many financial sites (that is truly financial sites - not just forums where the topic is financial related) does your clients visit? And how many new lets say banks to there show up which you then need to whitelist?

 

I guess you might have some work the first few days but then it will level out...

  • 2 accepted solutions
  • 2530 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!