Inspection and Control of SSL-encrypted Traffic

Protocols (Regular Profile) : Inspection and Control of SSL-encrypted Traffic

Inspection and control of SSL-encrypted traffic includes a number of sequential steps that can be summarized as follows:

1. Identify the protocol used with SSL. When the protocol is identified, DeviceLock checks whether the user is allowed to connect via that protocol (see diagram in the Managed Access Control section earlier in this document).

2. Check whether the Block unrecognized outgoing SSL traffic option is enabled (see Managing Security Settings for Protocols).

3. Check whether traffic is allowed by a white list rule created for the Any protocol (see Protocol option description in Managing Protocols White List).

4. Check whether traffic is allowed by a firewall rule.

In the following diagram you can see how DeviceLock inspects SSL-encrypted traffic and applies appropriate security measures based on the policies defined.