About Scanning Encrypted Traffic

By default the Symantec Web Security Service does not intercept inbound HTTPS traffic from destination web locations and applications. With the default configuration, the Web Security Service applies content filtering policy to the furthest extent possible; however, it cannot apply policies to transactions that require deeper inspection, such as web application controls or malware scanning. Enabling SSL interception allows the Web Security Service to decrypt HTTPS connections, examine the contents, and perform policy checks.

To retain the security of personal private information, Symantec recommends excluding some content filtering categories from termination and inspection. By default, the Web Security Service does not intercept HTTPS traffic categorized as Brokerage/Trading, Financial Services, and Health, because this content usually involves private, sensitive personal account information. Additionally, for mobile devices, the Web Security Service does not intercept traffic from a list of specific applications as these applications are known to break when intercepted on mobile devices.

To view which applications the Web Security Service bypasses, see: KB Article

Tip: If your policy allows uploading and downloading attachments in Gmail, you must enable SSL Interception. See Define a User-Based Web Applications Policy.

Tip: All Intermediate CAs used for certificate emulate are signed with SHA-2 (SHA256).

See Also: About the All Ports License.

Next Step

Alternate Media

PDF