08-13-2016 09:19 PM
If we're strictly doing web filtering and the appliance can still detect and filter HTTPS sites with SSL inspection off, why would we want to decrypt? Solely for the extra granularity like blocking facebook games and such?
08-14-2016 05:17 AM
One example could be that AMP on the WSA finds malicious downloads that your desktop AV would miss. Or Data loss prevention that you can inspect what your users are uploading to cloud-services.
08-14-2016 05:21 PM
Another case is for user authentication, Here are the options in WSA HTTPs Proxy configuration.
Decrypt for Authentication: |
Enabled |
Decrypt for End-User Notification: |
Enabled |
Decrypt for End-User Acknowledgement: |
Enabled |
Decrypt for Application Detection: |
Disabled |
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: