Exempt traffic from SSL Interception

book

Article ID: 169172

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

You need to exempt traffic from SSL interception. For example, banking and healthcare sites are often exempted for compliance reasons.


 

Resolution

To add a destination or source to SSL Interception Exemptions:

  1. Log in to your Web Security Service Portal account.
  2. Select Policy > TLS/SSL Interception > TLS/SSL Interception Policy.
  3. Select " + Add Rule"
a > Sources > Add Sources
(Users, Groups, IPs/Subnets, Locations, Deployment types, etc)
b > Destinations > Add Destinations
(Categories, Domains/URLs, IPs/Subnets,etc)
 
      4. Once the Source and/or Destination has been set, Set Verdict to "Do Not Intercept"
      5. Select Add Rule
      6. Select "Activate Policy" to activate the changes.
 
For additional information on SSL interception, please visit our web guide on the topic by clicking here.
      


NOTE: After they are added to the list, the Web Security Service will not intercept traffic from these sources or to these destinations. Currently, traffic sent from a mobile device (iOS or Android) is always exempt from SSL Interception.

IMPORTANT:
By adding SSL Interception Exemptions, you understand and acknowledged that Web Security Service will NOT intercept traffic that matches these conditions.