Integrated SSL Scanning
Page 13 Finjan proprietary and confidential
3. HTTPS Policies
HTTPS policies provide the option to define which HTTPS sites are
scanned or blocked and which have content bypassing. The blocking
mechanism is based on white lists, URL categorization, and validation of
certificates for errors.
Finjan provides two preconfigured HTTPS policies:
♦ Default HTTPS Policy: This policy contains only one rule, which is
designed to block any sites that contain faulty certificates. Please refer
to the Security Policies In-Depth manual for further information.
♦ Default Emergency HTTPS Policy: This was designed for emergency
situations and contains two rules. The first rule allows only white list
URLs, and the second rule blocks the rest of the HTTP traffic. This can
be globally enabled via Policies Æ Default Policy Settings Æ Enable
Emergency Policy checkbox.
In addition to these two policies, the user can configure supplemental
policies and rules. The security policies apply only to the Scanning
Server’s handling of certificate validation, either bypassing scanning or
blocking HTTPS traffic. Once traffic is decrypted, the Scanning Server
scans the traffic based on the regular security policies assigned to the
users.
4. Configuring HTTPS Support
HTTPS scanning is a license-based feature. HTTPS scanning enables
decrypting HTTPS traffic and inspecting it for malicious code. It then re-
encrypts the communication and sends it through to the end-user,
ensuring clean content. Administrators can also set Bypass, Inspect
Content, and User Approval policies for encrypted traffic to remove the
decision making from end-users.
The Certificate Validation functionality ensures that corporate policies for
certificates are enforced by automatically validating each certificate and
ensuring that the chain returns to the trusted authority.
To configure HTTPS scanning, navigate in the Management Console to
Administration Æ System Settings Æ Finjan Devices Æ HTTPS.
To Next Page
Loading...
Need help?
General
