From the course: Cisco CCNP SCOR v1.1 Security (350-701) Cert Prep: 2 Cloud and Content Security

Unlock this course with a free trial

Join today to access over 22,600 courses taught by industry experts.

TLS decryption

TLS decryption

From the course: Cisco CCNP SCOR v1.1 Security (350-701) Cert Prep: 2 Cloud and Content Security

Start my 1-month free trial Buy for my team

TLS decryption

- [Instructor] We now want to examine the TLS decryption feature of Cisco WSA. HTTPS is a secure version of HTTP using TLS for data encryption. If we're going to monitor HTTPS traffic, that's going to be a problem having that encryption in place. We can get around this by using the decryption feature to decrypt HTTPS traffic, and apply content-based access policies that are defined for our traffic. We can also choose to pass the encrypted traffic through without inspection, drop the HTTPS connection, or simply monitor the request. The first step in configuring this is to enable HTTPS detection on the WSA. We do this by going to the Security Services tab at the top and from the Sub menu, we want to choose HTTPS proxy. You can see that when we do that, currently we're told the HTTPS proxy is disabled. So we need to click the Enable and Edit Settings button to do that. Now we have this enabled, and we see some…

Contents