Decryption Settings: SSL Decryption Settings

SSL Decryption Settings
to enable inspection of SSL/TLS handshakes when users navigate to websites over a decrypted HTTPS connection. The Content and Threat Detection (CTD) engine on the firewall will evaluate the contents of the handshake against Security policy rules, which enables the firewall to enforce the rules as early in the session as possible. You must have a URL Filtering subscription, configure either SSL Forward Proxy or SSL Inbound Inspection, and block specific URL categories in your Security policy rules to use this feature.
URL Filtering response pages do not display for sites that are blocked during SSL/TLS handshake inspection. After detecting traffic from blocked categories, the firewall resets the HTTPS connection, ending the handshake and preventing user notification by response page. Instead, the browser displays a standard connection error message.
SSL Decryption Settings
Send handshake messages to CTD for inspection
Select to enable CTD to inspect SSL/TLS handshakes during decrypted web sessions.

Recommended For You