How will the Symantec Web Gateway policies be affected by HTTPS/SSL connections to popular websites?

book

Article ID: 158029

calendar_today

Updated On:

Products

Web Gateway

Issue/Introduction

Many popular websites (such as google.com, or facebook.com) can now be accessed over an encrypted HTTPS/SSL connection. You wish to know how this will affect the application of SWG Content Filtering policies on these sites.

Cause

Depending on the mode being used, the behaviour of the Web Gateway with regard to HTTPS (aka SSL/TLS) traffic changes. This is because a HTTPS session is a point to point connection between the users browser and the remote site.

This kind of traffic cannot be intercepted by an inline SWG. However, it can be blocked by an SWG in proxy mode. However, a blocking page will only be displayed if the SWG is able to intercept and redirect the session using the SSL decryption proxy function.

Resolution

The following table describes the behaviour of the SWG with regard to HTTPS/SSL traffic in a variety of situations:

SWG Mode Blocked? Blocking Page?
Inline N N
Proxy Y N
SSL Proxy Y Y

n.b. A blocking page is only displayed for SSL traffic using the properly configured SSL Decryption Proxy option (port 8443) of the SWG.