Hi Team,
I have below 2 tasks which needs to be closed from PaloAlto Level. Appreciate your quick response.
Task 1
"1.Configure SSL Forward Proxy for all traffic destined to the Internet"
As per the Best Practices we have to enable ssl Decryption for Internet Traffic for that we have to push Certificate to Domain users but My case we have separate Proxy for http and HTTPs Traffic which is in DMZ Zone so we pushed only Proxy certificate to Clients.
In that case Traffic going via Proxy.
Kindly share the PA Recommendation whether i have to enable again for all clients with PA CA certificate or not.
Kindly confirm how to fix this Task 1.
Task 2
"Allow the firewall to forward decrypted content to WildFire. Note that SSL Forward-Proxy must also be enabled and configured for this setting to take effect on inside-to-outside traffic flows"
what will happen if i enable this option since i didn't enabled SSL decryption.
Kindly confirm how to fix this Task 2.
... View more