Cp3p0 6 Posted October 4, 2019 Posted October 4, 2019 Hi all, I've got a question regarding SSL Inspection/Decryption, You'll have to forgive me for the uneducated and or limited understanding. Hopefully you can read between the lines.. Anyway, the majority of Firewalls now offer SSL Inspection or Decryption as they say, in particular, Forcepoint which requires importing a CA to every machine usually by the likes of GPO. Noting that ESET Endpoint products already imports a root CA on every Endpoint and perform SSL Inspection/MITM to inspect all traffic... Will this cause complications for with SSL Inspection enabled at a firewall/network level? Or is it one of those, "It's up to you whether you perform SSL Inspection at a Network/Firewall level or Endpoint level"? Or is it actually totally fine to perform this on both, will I need to import any trusted CA into ESET? Any comments, advise or general read that will better my understanding would be greatly appreciated. Thank you!
Administrators Marcos 5,451 Posted October 4, 2019 Administrators Posted October 4, 2019 Basically there shouldn't be issues except that ESET will not be able to detect untrusted certificates and this will need to be handled by the firewall. Also my understanding is that you won't be able to make SSL exclusions based on the certificate used.
Recommended Posts