Palo Alto SSL Forward Proxy (Outbound SSL Decryption) [2024]
ฝัง
- เผยแพร่เมื่อ 28 มิ.ย. 2024
- In this tutorial you're going to learn how to configure outbound SSL/TLS Decryption (SSL Forward Proxy) on the Palo Alto Firewall.
We will show you how to use SSL Decryption on the Palo Alto to help block uploads to Google Drive.
If you have questions, suggestions, or any kind of feedback, please don't hesitate to comment below! I will reply as soon as possible.
Timeline:
00:00 Palo Alto Outbound SSL Decryption
00:09 Introduction
01:29 Possible Problems with SSL Decryption
03:02 Block Google Drive Upload with SSL Decryption
#paloaltofirewall #paloaltonetworks #firewall - วิทยาศาสตร์และเทคโนโลยี
🔥 Join our exclusive online training: "Mastering Palo Alto Firewalls: Comprehensive Training in Operation and Management." 🚀 Prepare confidently for the PCNSA exam with expert guidance and hands-on exercises. Reserve your spot now and benefit from Early Bird discounts and bonusses! 💻 Learn more and register at netsums.com/training
fantastic explanation. thanks for all the effort you put into these videos.
Thanks a lot for your clarifications
You're welcome, I'm glad you liked the video. :)
Awesome
Thank you, I'm glad you liked it. :-)
Hello, excellent explanation, my compliments.
I would like to see that scenario with an enterprise CA or PKI. Thanks for sharing your knowledge.
Hi. Thank you for the comment. :-) im glad you liked the video. I will keep your suggestion in mind for the next tutorials.
Hi Thanks for this. What would happen if there are two firewalls in series, both wanting to decrypt the traffic?
Hi. The second firewall will consider the first as a client (normal PC, just as a server doesn't know it's communicating with a firewall), and will show its certificate to the first firewall. I hope I could answer your question. :)
@@netsums Thank you ever so much for your response. I thought along the same lines. Problem is one firewall will only allow us to export it's root CA cert the other is a Palo. We have to work out the logic to position the firewalls in a way to achieve our goals. Thanks again.
In my opinion the Palo does a pretty good job identifying apps, like differenciating Google drive/docs uploads and downloads, for example. So I would tend to activate the ssl decryption only on the Palo and not on the other firewall, specially if you have the threat prevention license. But yes, it depends also on how the firewalls are setup in your environment.
Everyone fears this. It's always a nightmare to deploy.
That's also my experience. Nowadays most companies need it, but it can be a pain for the administrators. And not all users are very understanding, when something that worked before suddenly stops working. 😊
Hey can you make video on how to do segmentation on firewall
Hi. What do you mean exactly? Through zones? Or like using different virtual routers?