From the course: Cisco CCNP SCOR v1.1 Security (350-701) Cert Prep: 2 Cloud and Content Security
Unlock this course with a free trial
Join today to access over 22,700 courses taught by industry experts.
TLS decryption
From the course: Cisco CCNP SCOR v1.1 Security (350-701) Cert Prep: 2 Cloud and Content Security
TLS decryption
- [Instructor] We now want to examine the TLS decryption feature of Cisco WSA. HTTPS is a secure version of HTTP using TLS for data encryption. If we're going to monitor HTTPS traffic, that's going to be a problem having that encryption in place. We can get around this by using the decryption feature to decrypt HTTPS traffic, and apply content-based access policies that are defined for our traffic. We can also choose to pass the encrypted traffic through without inspection, drop the HTTPS connection, or simply monitor the request. The first step in configuring this is to enable HTTPS detection on the WSA. We do this by going to the Security Services tab at the top and from the Sub menu, we want to choose HTTPS proxy. You can see that when we do that, currently we're told the HTTPS proxy is disabled. So we need to click the Enable and Edit Settings button to do that. Now we have this enabled, and we see some…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
(Locked)
Secure internet gateway11m 30s
-
(Locked)
Blacklisting and whitelisting5m 42s
-
(Locked)
URL filtering and categorization4m 41s
-
(Locked)
Malware scanning3m 29s
-
(Locked)
Web application filtering2m 40s
-
(Locked)
TLS decryption5m 10s
-
(Locked)
Traffic redirection2m 48s
-
(Locked)
User authentication6m 57s
-
Spam filtering9m 12s
-
(Locked)
Data loss prevention (DLP)9m 52s
-
(Locked)
Email encryption9m 28s
-
Email blacklisting4m 40s
-
(Locked)
Antimalware filtering5m 22s
-
(Locked)
Cisco umbrella overview8m 40s
-
(Locked)
Cisco umbrella identities5m 11s
-
(Locked)
Cisco umbrella URL content settings6m 1s
-
(Locked)
Cisco umbrella destination lists3m 55s
-
(Locked)
Cisco umbrella reporting4m 37s
-
(Locked)
-