Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
507
Views
0
Helpful
2
Replies

Why decrypt?

blroberts2
Level 1
Level 1

‎08-13-2016 09:19 PM

If we're strictly doing web filtering and the appliance can still detect and filter HTTPS sites with SSL inspection off, why would we want to decrypt?  Solely for the extra granularity like blocking facebook games and such?

Labels:
0 Helpful
2 Replies 2

Karsten Iwen
VIP
VIP

‎08-14-2016 05:17 AM

One example could be that AMP on the WSA finds malicious downloads that your desktop AV would miss. Or Data loss prevention that you can inspect what your users are uploading to cloud-services.

0 Helpful

Tao Yang
Cisco Employee
Cisco Employee

‎08-14-2016 05:21 PM

Another case is for user authentication, Here are the options in WSA HTTPs Proxy configuration.

Decrypt for Authentication:

Enabled

Decrypt for End-User Notification:

Enabled

Decrypt for End-User Acknowledgement:

Enabled

Decrypt for Application Detection:

Disabled
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents