Dear mates,
I need a help with outbound HTTPS Inspection.
In my company we use 3rd party Proxy server for users Internet access. Inside and outside interfaces for this Proxy is located on ClusterXL. So i need to implement HTTPS inspection. I need to know which user go to one or the other Internet site/service. This need to know which user try to open Internet resources with viruses or threat. I try to apply HTTPS Inspection policy between Users and Proxy. It doesn't work. After that i try to apply HTTPS Inspection policy between Proxy and Internet. It works. But i faced with new problem. This Proxy server used by Linux users and another services which cannot work with HTTPS Inspection properly.
Why i am looking for solution where HTTPS Inspection policy should be between Users and Proxy server, because it is very scalable solution. In this implementation i can add or remove some networks for HTTPS Inspection. For example i can add Windows users networks and exclude Linux users or some one.
So i started to find solution about HTTPS Inspection and Proxy server. And i found that the Checkpoint HTTPS Inspection cannot work with NTLM and Kerberos authentication.
So my quesstion is. How can i implement HTTPS Inspection with 3rd party Proxy server, where i need to know which user go to one or the other Internet site/service?
P.S. in my company we cannot use Checkpoint as HTTP/HTTPS Proxy by internal position of the company.
P.P.S. Sorry for my English, it is not my native language.
TGS