SSL Decryption

Traffic that has been encrypted using the protocols SSL and SSH can be decrypted to ensure that these protocols are being used for the intended purposes only, and not to conceal unwanted activity or malicious content.

Palo Alto Networks firewalls decrypt encrypted traffic by using keys to transform strings (passwords and shared secrets) from ciphertext to plaintext (decryption) and from plaintext back to ciphertext (re-encrypting traffic as it exits the device).

cancel
Showing results for 
Search instead for 
Did you mean: 

SSL Decryption

Traffic that has been encrypted using the protocols SSL and SSH can be decrypted to ensure that these protocols are being used for the intended purposes only, and not to conceal unwanted activity or malicious content.

Palo Alto Networks firewalls decrypt encrypted traffic by using keys to transform strings (passwords and shared secrets) from ciphertext to plaintext (decryption) and from plaintext back to ciphertext (re-encrypting traffic as it exits the device).

SSL Decryption Discussions

Author Topic Views Replies
LAS
05-24-2022

SSL Decryption bug in PAN-OS 9.1.14

I recently upgraded from panos 9.1.13-h3 to 9.1.14 then SSL decryption stopped working, in the traffic monitor there wasn't any decryption error but w...

posted in General Topics

232 4
JoeKwok
05-19-2022

Decryption or blocking NordVPN

Is it possible for Palo Alto Firewall to decrypt third party VPN agent traffic such as NordVPN, NordLynx like decrypt HTTPS web-browsing traffic? If i...

posted in General Topics

210 3
deecheung
05-18-2022

Palo Alto PA-3220 replace Bluecoat Proxy

Hi Guys, Does anyone tried to use PA-3220 model as proxy server? Currently the internet traffic of my company is using bluecoat proxy with pac file (c...

posted in General Topics

177 3
natwong
05-14-2022

Captive Portal HTTP only landing page?

Hi,I have set up the CP successfully. I see the CP is running on PA redirect IP:6082 with HTTPS.Is there any way that we can use HTTP only on the CP l...

posted in General Topics

148 2
edogan
05-17-2022

"end" but no "start" log while session breakdown. logging set to start and end of session

Hello, we have the following issue: Customer complains, that their web services, that are reachable from the internet through a palo alto firewall, sh...

posted in General Topics

176 3

SSL Decryption Blogs

DOTW: What Are Cipher Suites?

01-06-2022 — Find out what are cipher suites and which ones are supported for the different features on your device in this Discussion of the Week. Find out what are cipher suites and which ones are supported for the different features on your device in this D...

Tags: decryption administration cipher suites decryption policy how to ssl SSL Decryption SSL Forward Proxy tls
Labels: administration Decryption How to SSL SSL Decryption tls
675 3 by in Blogs

The Increasing Necessity for SSL Decryption

07-07-2021 — From performance abilities to new hardware, SSL Decryption capabilities have been greatly improved.

Tags: SSL Decryption NGFW traffic
Labels: NGFW SSL Decryption
1367 3 by in Blogs

More on SSL Decryption

08-07-2020 — Read how SSL Decryption gives the ability to view inside of Secure HTTP traffic (SSL) as it passes through the Palo Alto Networks firewall.

Tags: 10.0 8.1 9.0 9.1 best practice decryption firewall hardware initial configuration next-generation firewall pan-os ssh proxy ssl SSL Decryption SSL Forward Proxy SSL inbound inspection ssl vpn strata vm-series Zone and DOS Protection
Labels: Pan-OS SSL Decryption SSL Forward Proxy
8107 3 7 by in Blogs

HTTP/2 Inspection

07-09-2020 — Starting with PAN-OS 9.0.0, HTTP/2 inspection is supported on Palo Alto Networks firewalls. Learn more here!

Tags: 9.0 decryption firewall http2 pan-os SSL Decryption
Labels: Decryption HTTP Pan-OS PAN-OS 9.0 SSL Decryption
5730 1 5 by in Blogs

AddTrust External CA Root Expired

06-05-2020 — AddTrust External CA Root expired on 30th of May, 2020. Find out how this can impact your traffic and how to fix this!

Tags: addtrust certificate decryption root certificate SSL Decryption
Labels: certificate Decryption SSL Decryption
3357 2 2 by in Blogs

SSL Decryption Articles

Best Practices for SSL Decryption with Prisma Access

01-13-2022 — Understand how SSL Decryption with Prisma Access can increase your visibility into network traffic and reduce security threats

Labels: Best Practices Prisma Access SSL Decryption SSL Forward Proxy
479 by in Prisma Access Webinars

SSL Decryption with Prisma Access

09-13-2021 — Gain visibility and control over network traffic through SSL Decryption with Prisma Access

Labels: Prisma Access SSL Decryption
781 by in Prisma Access Webinars

Keeping Configuration Aligned to Best Practices

03-31-2021 — Configuration changes are always necessary in a network, whether they are for adding new applications, allowing access to users or to create exceptions in security profiles. Prisma Access Cloud Management provides the ability for administrators to...

Tags: cloud management Prisma Access (Cloud Managed) Prisma Access Cloud Management SSL Decryption
Labels: Prisma Access Cloud Management SSL Decryption
707 by in Prisma Access Cloud Management Articles

SSL Decryption Videos

Additional Resources on Beacon

Visit Palo Alto Networks' learning platform, Beacon, for technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.