Check which blades are inspecting a single connection

Hi,

Is there a way to see which blades are inspecting a single connection?

To be more specific, I want to make sure that a connection which is encrypted by S2S VPN is inspected by Threat Prevention blades (IPS, AV/AB) before it goes through the VPN tunnel. Is there a way to see the chain per connection?

0 Kudos
2 Replies
Admin

Re: Check which blades are inspecting a single connection

There’s an option in fw monitor that shows the packet as it goes through the various chains, if you really want to confirm, but in general, yes, all the blades should inspect the traffic.

fw ctl chain shows you that encryption happens early in the process inbound (must be decrypted before inspection) and late in the process outbound (after most inspections).
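
The ordering described in the reply above can be checked from an `fw ctl chain` listing. This is an added example, not part of the original thread or of Check Point's tooling; the sample listing is constructed and abbreviated, and the module names it matches (`vpn decrypt`, `vpn encrypt`, `fw VM inbound`, `fw VM outbound`) are assumptions that can differ by version and enabled blades.

```shell
#!/bin/sh
# Constructed, abbreviated sample in the layout `fw ctl chain` prints.
# Module names, positions and addresses are assumptions for illustration;
# the real listing depends on version and enabled blades.
SAMPLE_CHAIN='in chain (4):
        0: -7f800000 (0000000000000000) (ffffffff) IP Options Strip (in) (ipopt_strip)
        1: - 2000000 (0000000000000000) (00000003) vpn decrypt (vpn)
        2:         0 (0000000000000000) (00000001) fw VM inbound (fw)
        3:  7f800000 (0000000000000000) (ffffffff) IP Options Restore (in) (ipopt_res)
out chain (4):
        0: -7f800000 (0000000000000000) (ffffffff) IP Options Strip (out) (ipopt_strip)
        1:         0 (0000000000000000) (00000001) fw VM outbound (fw)
        2:  20000000 (0000000000000000) (00000003) vpn encrypt (vpn)
        3:  7f800000 (0000000000000000) (ffffffff) IP Options Restore (out) (ipopt_res)'

# chain_index DIR PATTERN: read a chain listing on stdin and print the index
# of the first module in the "in" or "out" chain whose line contains PATTERN.
# Exits non-zero when no such module is listed.
chain_index() {
    awk -v dir="$1" -v pat="$2" '
        /^(in|out) chain/ { cur = $1; next }          # section header
        cur == dir && /^[ \t]*[0-9]+:/ && index($0, pat) {
            idx = $1; sub(/:$/, "", idx); print idx; found = 1; exit
        }
        END { if (!found) exit 1 }
    '
}

# vpn_order_ok: succeed when decrypt precedes the inbound firewall VM handler
# and encrypt follows the outbound one. Returns 2 if a module is missing.
vpn_order_ok() {
    listing=$(cat)
    dec=$(printf '%s\n' "$listing" | chain_index in  'vpn decrypt')    || return 2
    fwi=$(printf '%s\n' "$listing" | chain_index in  'fw VM inbound')  || return 2
    fwo=$(printf '%s\n' "$listing" | chain_index out 'fw VM outbound') || return 2
    enc=$(printf '%s\n' "$listing" | chain_index out 'vpn encrypt')    || return 2
    echo "in: decrypt=$dec fw=$fwi  out: fw=$fwo encrypt=$enc"
    [ "$dec" -lt "$fwi" ] && [ "$enc" -gt "$fwo" ]
}

# On a gateway (expert mode): fw ctl chain | vpn_order_ok
```

This only confirms the static handler order on the gateway; it does not show which handlers a particular connection actually traversed, which is what the fw monitor option mentioned above is for.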

 

Re: Check which blades are inspecting a single connection

Thanks Dameon,

I will dig in fw monitor and fw ctl chain.
0 Kudos