Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
biskit
Advisor

HTTPS Inspection with BYOD

I'm looking for ideas/suggestions please...

How do you address the requirement HTTPS Inspection in a large BYOD environment?  Imagine thousands of users (students) where it's impossible to put the gateway cert on their devices....  What would you do?

0 Kudos
2 Replies
Wolfgang
Mentor
Mentor

We had a similar use case for a university campus. But the law does not allow such an interception for all the students. We're using the SNI inspection of URL-Filter and blocking all malicous/phishing etc. websites.

Additional to Check Points DNS  protection we are using DNS malware protection like cloudflares 1.1.1.2  https://blog.cloudflare.com/introducing-1-1-1-1-for-families/

 

the_rock
Champion
Champion

Adding to @Wolfgang said, another option would be https bypass rules.

0 Kudos