Can I import an SSL certificate into Advanced Threat Protection (ATP) Platform to permit a proxy to analyse the SSL traffic from ATP to/from Symantec's public content servers?
ATP checks for a specific certificate from Symantec's public content servers and telemetry servers. ATP will disconnect from any TCP connection where it receives the wrong certificate.
Instead of importing an SSL certificate into ATP Platform to de-crypt conversations between ATP and Symantec content servers, Symantec supports permitting ATP appliances to connect to Symantec's public content servers.
To permit ATP appliances to connect to Symantec's public content servers and telemetry servers, do one of the following:
Whitelist the management interface of each ATP appliance within any inline device that de-crypts SSL or TLS traffic.
Route traffic from the management interface of each ATP appliance so that it bypasses the inline device that decrypts SSL traffic.
Subscribing will provide email updates when this Article is updated. Login is required.