Jump to content

SSL Inspection on the Endpoint or Network


Cp3p0
 Share

Recommended Posts

Hi all,

I've got a question regarding SSL Inspection/Decryption, You'll have to forgive me for the uneducated and or limited understanding.

Hopefully you can read between the lines.. 

Anyway, the majority of Firewalls now offer SSL Inspection or Decryption as they say, in particular, Forcepoint which requires importing a CA to every machine usually by the likes of GPO.

Noting that ESET Endpoint products already imports a root CA on every Endpoint and perform SSL Inspection/MITM to inspect all traffic...

Will this cause complications for with SSL Inspection enabled at a firewall/network level? 

Or is it one of those, "It's up to you whether you perform SSL Inspection at a Network/Firewall level or Endpoint level"?

Or is it actually totally fine to perform this on both, will I need to import any trusted CA into ESET? 

Any comments, advise or general read that will better my understanding would be greatly appreciated.

Thank you!

Link to comment
Share on other sites

  • Administrators

Basically there shouldn't be issues except that ESET will not be able to detect untrusted certificates and this will need to be handled by the firewall. Also my understanding is that you won't be able to make SSL exclusions based on the certificate used.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...