Product concerned SNS 1 and higher versions
Last update: January 2019
Many network services such as web, mail, chat, etc. use the TLS (Transport Layer Security) protocol, better known under its former name SSL (Secure Sockets Layer), to authenticate peers and encrypt their communications.
SNS firewalls are able to filter and decrypt HTTPS connections, making it possible to:
- Block inappropriate HTTPS websites or categories of HTTPS websites,
- Analyze HTTPS traffic for application protection purposes (e.g., anti-virus, sandboxing, URL filtering, Google SafeSearch, etc.).
To enable these features on your firewall, you need to configure the SSL proxy.
This guide explains how the SSL proxy works, how to configure it and the best practices to adopt in order to optimize the filtering and analysis of HTTPS connections.