- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-25-2025 07:39 AM
Hello guys,
I want to know if there is a resource where I can find if SSL decryption is required or not to identified the APP traffic.
I have this information inside Palo Alto Networks Content Update mail but I don't find this information in applipedia or somewhere else.
Anybody have an idea ?
Best,
Alexis
07-28-2025 08:43 AM - edited 07-28-2025 08:45 AM
Hi @A.Molter ,
SSL Decryption is required for application traffic that is encrypted by SSL/TLS, if you would like to truly identify what the underlying application is. If you go onto your monitor tab and view traffic from your trust zone to the untrust zone, you will likely find a number of connections that have the app-id "ssl". Without decryption, you don't really know what type of application the connection is because the firewall can't inspect the encrypted payload. The employee could be watching a cnn video or a youtube video.
I would recommend taking a look at how much SSL traffic traverses any firewall you might have that sits at the edge. Head over to your ACC tab on your firewall. Then click on SSL activity and set the time frame to last 90 days. How much SSL traffic do you see? How does it compare to other traffic? There is all your application traffic that hides behind encryption.
I would recommend reading Decryption Basics and Decryption best practices.
07-28-2025 11:33 PM
Hello @JayGolf ,
Thanks for all thoses advices.
But I just want to know if there is a documentation about what applications required decryption to be identified and what not.
I am surprised to find this information inside Palo Alto Networks Content Update newsletter but not in the applipedia.
This can be helpful to understand what applications can be block or allow in network without decryption.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!