How will the Symantec Web Gateway policies be affected by HTTPS/SSL connections to popular websites?
Last Updated July 29, 2014
Many popular websites (such as google.com, or facebook.com) can now be accessed over an encrypted HTTPS/SSL connection. You wish to know how this will affect the application of SWG Content Filtering policies on these sites.
Depending on the mode being used, the behaviour of the Web Gateway with regard to HTTPS (aka SSL/TLS) traffic changes. This is because a HTTPS session is a point to point connection between the users browser and the remote site.
This kind of traffic cannot be intercepted by an inline SWG. However, it can be blocked by an SWG in proxy mode. However, a blocking page will only be displayed if the SWG is able to intercept and redirect the session using the SSL decryption proxy function.
The following table describes the behaviour of the SWG with regard to HTTPS/SSL traffic in a variety of situations:
n.b. A blocking page is only displayed for SSL traffic using the properly configured SSL Decryption Proxy option (port 8443) of the SWG.
Imported Document ID: TECH206412
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe