Decrypt TLSv1.3 traffic to protect against threats in
encrypted traffic while benefiting from TLSv1.3 application security
and performance improvements.
You can now decrypt, gain full visibility
into, and prevent known and unknown threats in TLSv1.3 traffic.
TLSv1.3 is the latest version of the TLS protocol, which provides
application security and performance improvements. Your existing
Decryption policies work with TLSv1.3 when you configure the associated
Decryption profile to use TLSv1.3 as the minimum protocol version
or to use TLSv1.3 or Max as the maximum protocol version. The firewall
supports TLSv1.3 decryption in all modes (Forward Proxy, Inbound
Inspection, Decryption Broker, and Decryption Port Mirroring).
use TLSv1.3, the client and server must be able to negotiate TLSv1.3
ciphers. For websites that don’t support TLSv1.3, the firewall selects
an older version of the TLS protocol that the server supports.
firewall supports the following decryption algorithms for TLSv1.3: