This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
patones1
Contributor
‎2024-01-02 07:56 AM
In response to Tobias_Moritz

Hello Tobias,

I know that "Any" is not a good choice for production. But here I am just testing.
As long App. Control & URL Filtering are activated on the blade, all https traffic (set to inspect in the https rule) should be inspected because "Any" is everything including AppCtrl/URLF objects; but it is not the case.

For the tests you asked me:

  • I replaced the Internet object on the HTTPS rule base by the All_Interntet. --> NO https inspection
  • I also replaced the Internet object on the Access Control rule base by the All_Interntet. --> NO https inspection
  • Then, without changing what I just did, I tested again adding the HTTPS default services” at the services field on 5.1 rule --> NO https inspection
  • Finally I put back the previous values at the destinations and created a new HTTPS service with default port but I enabled protocol signature. I added the service in the 5.1 rule

 

Rule_base2.jpg

It worked. HTTPS Inspection is working with the service HTTPS_clone.

Finally using the HTTPS service with the protocol signature enable, allows all the HTTPS traffic to match the rule 5.1 and to be inspected. "Any" should do that but it is good to know that we can manage it by using the service.

Cheers

Miguel

 

(1)
Who rated this post