Hey everyone! I'm curious if any of you have implemented SSL decryption on your firewalls. Do you think the time and effort spent setting it up has been worth it in terms of improving security? Are there any pitfalls or considerations I should keep in mind before, during, or after the setup? Appreciate any insights you can share!
5 Answers
HSTS is becoming more common, so many sites are adopting it. Think twice before decrypting things like healthcare or banking data. Creating Active Directory groups to exclude certain users can streamline troubleshooting for those annoying calls to support when things go wrong.
We tried SSL decryption, but honestly, it caused a lot of headaches without enough benefit. We ended up disabling it and now just focus on device-level filtering. It doesn’t cover everything, like IoT devices, but it works for about 99% of user devices without the hassle.
SSL decryption is crucial for effective malware protection and content filtering. Make sure to deploy a certificate across all PCs in your network. Just note that some websites really dislike deep packet inspection, so be prepared for occasional exceptions to things that don’t play nice with it.
Definitely worth it, especially using a Palo Alto firewall! Key tips: set up a CA certificate and push it to endpoints. Be aware that tons of sites might break, particularly those using certificate pinning. So prepare rules for critical sites in advance; testing will save you headaches! Overall, it gives a lot of visibility and control over the network.
Great tips! What kind of critical sites should I think about for those rules?
It can cause a significant number of applications to break. Have a solid plan for adding exception lists and managing the certificate stores—it’s a lot of work! Apple and Microsoft have lists of endpoints to help you prepare for potential issues, but expect to encounter some difficulties.
That's a neat idea! It'll make it easier for support to pinpoint issues. Thanks for the insight!
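The testing advice in the answers above (keep banking and healthcare traffic out of decryption, prepare rules for pinned sites in advance) can be checked from a client behind the firewall by looking at who issued the certificate each site presents. The sketch below is an added example, not code from any poster or vendor; the CA name, the hostnames and the intended policies are constructed placeholders, and it assumes the firewall signs re-issued certificates directly with the inspection CA.

```python
import socket
import ssl

# Assumed values, not from the thread: CA name and host/policy pairs are placeholders.
INSPECTION_CA_CN = "Example Corp TLS Inspection CA"
EXPECTED = {
    "bank.example": "bypass",        # financial site, meant to be excluded
    "news.example": "decrypt",       # general browsing, meant to be inspected
    "pinned-app.example": "bypass",  # certificate-pinned application
}

def issuer_cn(cert):
    """Return the issuer commonName from a dict shaped like getpeercert()."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def observed_policy(cert, inspection_cn=INSPECTION_CA_CN):
    """'decrypt' if the leaf was re-signed by the inspection CA, else 'bypass'."""
    return "decrypt" if issuer_cn(cert) == inspection_cn else "bypass"

def audit(certs, expected=EXPECTED):
    """Return sorted (host, intended, observed) tuples where the two disagree."""
    findings = []
    for host, want in expected.items():
        got = observed_policy(certs[host]) if host in certs else "no-cert"
        if got != want:
            findings.append((host, want, got))
    return sorted(findings)

def fetch_cert(host, port=443, timeout=5):
    """Fetch the certificate a client sees; needs the inspection CA in the trust store."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

# Constructed sample certificates (only the issuer field) so the audit runs offline.
SAMPLE = {
    "bank.example": {"issuer": ((("commonName", INSPECTION_CA_CN),),)},
    "news.example": {"issuer": ((("commonName", INSPECTION_CA_CN),),)},
    "pinned-app.example": {"issuer": ((("commonName", "Public CA R1"),),)},
}

if __name__ == "__main__":
    for host, want, got in audit(SAMPLE):
        print(f"{host}: intended {want}, observed {got}")
```

On a real client, build the input with `{h: fetch_cert(h) for h in EXPECTED}`; a handshake error from `fetch_cert` usually means the inspection CA is missing from that machine's trust store.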