Differences between Monitor and Decrypt actions in Decryption Policies
Currently I'm working in my first WSA (S170) implementation and some questions has popped up while I was configuring the Decryption policies. The main question here is:
What are the differences between "monitor" and "decrypt" in the URL Filtering options. As I understand the "decrypt" action allows the WSA to decrypt the packet and treats it like a plain HTTP packet applying the Access Policies, malware inspection and so on. Then I do not really know what the Monitor option does, I'm assuming that it does not decrypt the packet and only checks the destination URL and to allow or not the connection.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...