SSL Inspection Policy
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|272
SSL Inspection Bypass Policy
You can select categories that are bypassed for all possible traffic regardless of its source and
destination. To configure more advanced exceptions, go to the SSL Inspection Exceptions
page.
To configure the SSL inspection bypass policy:
n
In the section Protocols to inspect - Select to inspect HTTPS, IMAPS, or POP3S
protocols.
n
In the section Assets to Inspect - Select to inspect devices by type: Desktop, Laptop,
Computer (R81.10.05 and higher), Other assets, and All assets. Devices are inspected
only if they were not bypassed by other settings.
n
In the section Wireless networks to bypass - Select or clear which wireless networks to
bypass. Untrusted networks are selected by default.
Note - Wireless networks must be assigned to Separate Network, not switch or
bridge.
n
In the section Bypass SSL inspection for the following categories > Categories -
Categories include Health, Government/Military, Financial services, and Well known
update services. Select or clear the privacy related categories that are not inspected. All
categories except for Media Streams are selected by default.
n
In the section Bypass SSL inspection for the following categories > Assets to bypass -
Select the MacOS checkbox to bypass macOS devices. This accelerates the
connection.
l
Bypass by MAC - Click to select devices from the Active Devices table by their
MAC addresses.
l
Bypass by IP - Click to configure exceptions to bypass SSL inspection policy for
specific IP addresses on the SSL Inspection Exceptions table.
n
In the section Tracking - Select to enable logs to see the SSL inspection policy decision
("Inspect" or "Bypass").
Note - The SSL Inspection generates these logs in addition to the Software
Blades logs.
To Next Page
