Does the EDR network scanner scan encrypted traffic?

book

Article ID: 224069

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

You wish to know if the Symantec Endpoint Detection and Response (EDR) network scanner can scan encrypted traffic.

Resolution

The EDR network scanner does not have the ability to decrypt SSL encrypted traffic, intercept it, or block it.  If scanning of encrypted traffic is desired then the traffic would need to first be decrypted by using the SSL VA solution, or similar technology, prior to being sent to the EDR.