Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Differences between Monitor and Decrypt actions in Decryption Policies

Hi Everybody,

Currently I'm working in my first WSA (S170) implementation and some questions has popped up while I was configuring the Decryption policies. The main question here is:

What are the differences between "monitor" and "decrypt" in the URL Filtering options. As I understand the "decrypt" action allows the WSA to decrypt the packet and treats it like a plain HTTP packet applying the Access Policies, malware inspection and so on. Then I do not really know what the Monitor option does, I'm assuming that it does not decrypt the packet and only checks the destination URL and to allow or not the connection.

Thanks in advance for your collaboration.

Jose M. Cortes H.

  • Web Security
1 ACCEPTED SOLUTION

Accepted Solutions

Differences between Monitor and Decrypt actions in Decryption Po

If you set it for Decrypt, it always decrypts stuff in that category.

If you set it to monitor, then other criteria in the policy are used for whether to decrypt or not, such as Web Reputation...

Here's the flow, which I pulled from the online help:

https://wsaip:port/help/wsa_help/index.html?Decryption_policies11.html#wp1208329

1 REPLY

Differences between Monitor and Decrypt actions in Decryption Po

If you set it for Decrypt, it always decrypts stuff in that category.

If you set it to monitor, then other criteria in the policy are used for whether to decrypt or not, such as Web Reputation...

Here's the flow, which I pulled from the online help:

https://wsaip:port/help/wsa_help/index.html?Decryption_policies11.html#wp1208329

2318
Views
5
Helpful
1
Replies