This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Where to find information about SSL decryption is (not) required to identified traffic

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Where to find information about SSL decryption is (not) required to identified traffic

A.Molter
L0 Member

‎07-25-2025 07:39 AM

Hello guys,

 

I want to know if there is a resource where I can find if SSL decryption is required or not to identified the APP traffic. 

 

I have this information inside Palo Alto Networks Content Update mail but I don't find this information in applipedia or somewhere else.

 

Anybody have an idea  ?

 

Best,

Alexis

0 Likes Likes
2 REPLIES 2

JayGolf
Community Team Member

‎07-28-2025 08:43 AM - edited ‎07-28-2025 08:45 AM

Hi @A.Molter ,

 

SSL Decryption is required for application traffic that is encrypted by SSL/TLS, if you would like to truly identify what the underlying application is. If you go onto your monitor tab and view traffic from your trust zone to the untrust zone, you will likely find a number of connections that have the app-id "ssl". Without decryption, you don't really know what type of application the connection is because the firewall can't inspect the encrypted payload. The employee could be watching a cnn video or a youtube video. 

 

I would recommend taking a look at how much SSL traffic traverses any firewall you might have that sits at the edge. Head over to your ACC tab on your firewall. Then click on SSL activity and set the time frame to last 90 days. How much SSL traffic do you see? How does it compare to other traffic? There is all your application traffic that hides behind encryption. 

 

I would recommend reading Decryption Basics and Decryption best practices.

 

LIVEcommunity team member
Stay Secure,
Jay
Don't forget to Like items if a post is helpful to you!

Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
0 Likes Likes

A.Molter
L0 Member

‎07-28-2025 11:33 PM

Hello @JayGolf ,

 

Thanks for all thoses advices.

 

But I just want to know if there is a documentation about what applications required decryption to be identified and what not. 

I am surprised to find this information inside Palo Alto Networks Content Update newsletter but not in the applipedia.

 

This can be helpful to understand what applications can be block or allow in network without decryption. 

  • 526 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks