Cloud / ThreatPulse SSL Interception


<< Back to Knowledge Search

Solution

Overview

For information: portal.threatpulse.com/docs/sol/Content/03Solutions/ManagePolicy/SSL/about_ssl_co.htm

> How do I enable SSL interception for the ThreatPulse / Cloud service?

> How do I bypass certain sites or categories from SSL interception for the ThreatPulse / Cloud service?

> After enabling SSL Interception, some sites do not appear to be intercepted.

Cause
Resolution

portal.threatpulse.com/docs/sol/Content/03Solutions/ManagePolicy/SSL/ssl_enable_ta.htm

To enable SSL interception for the ThreatPulse service:

  1. Log in to your ThreatPulse account (portal.threatpulse.com).
  2. In Service Mode, select Network > SSL.
  3. Select On.
  4. Click Activate.

After you enable SSL interception, your end-users might begin receiving SSL warnings in the browser because the CA which signs the intercepted traffic is not automatically trusted by the browsers.

You must manually download the ThreatPulse SSL Root Certificate and install it into the browser Trusted Root Certification Authorities. This can normally be pushed out to your browsers through your internal organizations group-policy.

By default, the following categories are not intercepted, as they might contain private/personal information:

  • Brokerage/Trading
  • Financial Services
  • Health

To edit these categories, select Pass Through Categories and tick the categories to bypass SSL interception (or clear any categories).

You can also bypass specific domains or IP addresses. Click Pass Through Destinations.

 

 

Workaround
Additional Information
Bug Number
InQuira Doc IdKB5031
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      Cloud Security Service
Topic      SSL / HTTPS
Article Number      000008656
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat