Palo Alto Networks firewalls can decrypt and inspect
traffic to provide visibility into threats and to control protocols,
certificate verification, and failure handling. Decryption can enforce
policies on encrypted traffic so that the firewall handles encrypted
traffic according to your configured security settings. Decrypt
traffic to prevent malicious encrypted content from entering your
network and sensitive content from leaving your network concealed
as encrypted traffic. Enabling decryption can include preparing
the keys and certificates required for decryption, creating decryption
profiles and policies, and configuring decryption port mirroring.