Wildfire without SSL Decryption

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Palo Alto Networks Approved
Palo Alto Networks Approved
Community Expert Verified
Community Expert Verified

Wildfire without SSL Decryption

L2 Linker

We are looking at Wildfire for our PA firewalls however, we are not doing any SSL decryption. Going into it I figured we only be and to use it on unencrypted traffic. But looking at the Wildfire datasheet under file support it lists TLS and SSL files. I'm confused how that would work at the firewall itself couldn't actually read it. Is it saying it's only supported if you decrypt these files, thus no longer making them TLS/SSL? Or do we truly receive the full benefit of Wildfire without decryption? 

 

bafergel_1-1627663836266.png

 

Network Administrator
1 accepted solution

Accepted Solutions

L7 Applicator

Hi @bafergel 

This is written a little bit confusing, but I think the last part there belongs to links in emails which means if a link to a file in an email points to an URL with https it is supported that wildfire downloads this file and executes it in the wildfire sandbox. Without decryption you definately don't receive the full benefit of wildfire.

View solution in original post

1 REPLY 1

L7 Applicator

Hi @bafergel 

This is written a little bit confusing, but I think the last part there belongs to links in emails which means if a link to a file in an email points to an URL with https it is supported that wildfire downloads this file and executes it in the wildfire sandbox. Without decryption you definately don't receive the full benefit of wildfire.

  • 1 accepted solution
  • 2504 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!