to enable inspection of SSL/TLS
handshakes when users navigate to websites over a decrypted
HTTPS connection. The Content and Threat Detection (CTD) engine
on the firewall will evaluate the contents of the handshake against
Security policy rules, which enables the firewall to enforce the
rules as early in the session as possible. You must have a URL Filtering
subscription, configure either SSL Forward Proxy or SSL Inbound Inspection,
and block specific URL categories in your Security policy rules
to use this feature.
URL Filtering response pages do not
display for sites that are blocked during SSL/TLS handshake inspection.
After detecting traffic from blocked categories, the firewall resets
the HTTPS connection, ending the handshake and preventing user notification by
response page. Instead, the browser displays a standard connection
SSL Decryption Settings
Send handshake messages to CTD for inspection
Select to enable CTD to inspect SSL/TLS handshakes
during decrypted web sessions.