Use SSL Inbound Inspection to decrypt and inspect inbound
SSL traffic from a client to a targeted server (any server you have
the certificate for and can import it onto the firewall). For example,
if an employee is remotely connected to a web server hosted on the
company network and is attempting to add restricted internal documents
to his Dropbox folder (which uses SSL for data transmission), SSL
Inbound Inspection can be used to ensure that the sensitive data
does not move outside the secure company network by blocking or
restricting the session.
Configuring SSL Inbound Inspection includes importing the targeted
server certificate and key on to the firewall. Because the targeted
server certificate and key are imported on the firewall, the firewall
is able to access the SSL session between the server and the client
and decrypt and inspect traffic transparently, rather than functioning
as a proxy. The firewall is able to apply security policies to the
decrypted traffic, detecting malicious content and controlling applications
running over this secure channel.