Decrypt Mirror Interface
- Network > Interfaces > Ethernet
To use the Decryption Port Mirror feature, you must select the Decrypt Mirror interface type. The feature creates a copy of the decrypted traffic from a firewall and sends it to a traffic collection tool that can receive raw packet captures (such as NetWitness or Solera) for archiving and analysis. Organizations that require comprehensive data capture for forensic and historical purposes or for data leak prevention (DLP) functionality need this feature. Decryption port mirroring is available only on PA-7000 Series, PA-5000 Series, and PA-3000 Series firewalls. To enable the feature, you must acquire and install the free license.
To configure a decrypt mirror interface, click the name of an Interface (ethernet1/1, for example) that is not configured and specify the following information.
Decrypt Mirror Interface Settings
The interface name is predefined and you cannot change it.
Enter an optional description for the interface.
Select Decrypt Mirror.
Select the interface speed in Mbps (10, 100, or 1000), or select auto to have the firewall automatically determine the speed.
Select whether the interface transmission mode is full-duplex (full), half-duplex (half), or negotiated automatically (auto).
Select whether the interface status is enabled (up), disabled (down), or determined automatically (auto).