Scanning encrypted traffic on the Cloud

book

Article ID: 171488

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

By default, the Symantec Web Security Service does not intercept inbound HTTPS traffic from destination web locations and applications. With the default configuration, the Web Security Service applies content filtering policy to the furthest extent possible; however, it cannot apply policies to transactions that require deeper inspection, such as web application controls or malware scanning. Enabling SSL interception allows the Web Security Service to decrypt HTTPS connections, examine the contents, and perform policy checks.

To retain the security of personal private information, Symantec recommends excluding some content filtering categories from termination and inspection. By default, the Web Security Service does not intercept HTTPS traffic categorized as Brokerage/Trading, Financial Services, and Health, because this content usually involves private, sensitive personal account information.

 

Note: If your policy allows uploading and downloading attachments in Gmail, you must enable SSL Interception. See Define a User-Based Web Applications Policy. See Also: About the All Ports License.

Resolution

Link to complete article:

About Scanning Encrypted Traffic.