Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Shahar_Grober
Advisor

Check which blades are inspecting a single connection

Hi,

 

Is there a way to see which blades are inspecting a single connection?

To be more specific, I want to make sure that a connection which is encrypted by S2S VPN is inspected by Threat Prevention blades (IPS, AV/AB) before it goes through the VPN tunnel. Is there a way to see the chain per connection?

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

There’s an option in fw monitor that shows the packet as it goes through the various chains, if you really want to confirm, but in general, yes, all the blades should inspect the traffic.

fw ctl chain shows your up that encryption happens early in the process inbound (must be decrypted before inspection) and late in the process outbound (after most inspections).

 

Shahar_Grober
Advisor

thanks Dameon,

I will dig in fw montior and fw ctl chain
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events