1. Home
    2. PAN-OS
    3. PAN-OS® Release Notes
    4. PAN-OS 7.1 Release Information
    5. Features Introduced in PAN-OS 7.1
    6. Decryption Features
    End-of-Life (EoL)

    Decryption Features

    New Decryption Features
    Description
    Transparent Certificate Distribution for SSL Forward Proxy
    You can now use GlobalProtect to easily distribute the forward trust certificate required for SSL Forward Proxy decryption to client systems.
    Perfect Forward Secrecy (PFS) Support with SSL Forward Proxy Decryption
    Palo Alto Networks firewalls now support PFS when performing SSL Forward Proxy decryption. PFS ensures that data from the session undergoing SSL Forward Proxy decryption cannot later be retrieved in the event that server private keys are compromised. You can enforce Diffie-Hellman key exchange-based PFS (DHE) and/or elliptic curve Diffie-Hellman-based PFS (ECDHE) with SSL Forward Proxy.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo