Integrated SSL Scanning
Finjan proprietary and confidential
3. HTTPS Policies
HTTPS Policies define which HTTPS sites are scanned, which are blocked,
and which bypass content scanning. The blocking mechanism is based on
White Lists, URL categorization and checking whether certificates have
errors or comply with validation criteria.
Finjan provides two preconfigured HTTPS policies:
Default HTTPS Policy: This policy contains just one rule, which is
designed to block any sites that contain faulty certificates. Please refer
to the Security Policies In-Depth manual for further information.
Default Emergency HTTPS Policy: This policy was designed for emergency
situations and contains two rules. The first rule allows only white list
URLs and the second rule blocks the rest of the HTTP traffic. This
policy can be enabled globally via Policies → Default Policy Settings →
Enable Emergency Policy checkbox.
In addition to the above two policies, the user can configure additional
policies and rules. The security policies apply only to the way that the
Scanning Server handles certificate validation, bypassing of scanning, or
blocking of HTTPS traffic. Once traffic is decrypted, the Scanning Server
scans it based on the regular security policies assigned to the users.
4. Configuring HTTPS Support
HTTPS scanning is a license-based feature. HTTPS scanning decrypts
HTTPS traffic and inspects it for malicious code. It then re-encrypts
the communication and sends it through to the end-user, ensuring clean
content. Administrators can also set Bypass, Inspect Content and User
Approval policies for encrypted traffic in order to remove the decision
making from end-users.
The certificate validation functionality ensures that corporate policies for
certificates are enforced by automatically validating each certificate and
ensuring that the chain goes back to the trusted authority.
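
What "the chain goes back to the trusted authority" means in practice, shown as an added example with the openssl command line (this is not Finjan code or configuration). The demo CA, the hostnames and the allow/block labels are constructed for illustration and are assumptions, not product output.

```shell
#!/bin/sh
# Constructed test PKI: all names, subjects and files are made up for this example.

build_demo_pki() {   # usage: build_demo_pki <dir>
    d=$1
    # Root CA that plays the role of the "trusted authority".
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Example Demo Root CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null
    # Server certificate issued by that CA.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=good.example.test" \
        -keyout "$d/good.key" -out "$d/good.csr" 2>/dev/null
    openssl x509 -req -in "$d/good.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 30 -out "$d/good.pem" 2>/dev/null
    # Self-signed server certificate: no chain to the trusted CA.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=selfsigned.example.test" \
        -keyout "$d/self.key" -out "$d/self.pem" 2>/dev/null
}

check_chain() {      # usage: check_chain <trusted-ca.pem> <cert.pem> [epoch-seconds]
    ca=$1 cert=$2 at=${3:-}
    # -attime evaluates the validity dates at the given time instead of now.
    if openssl verify -CAfile "$ca" ${at:+-attime "$at"} "$cert" >/dev/null 2>&1
    then echo allow
    else echo block   # untrusted issuer, expired, not yet valid, ...
    fi
}

demo() {
    dir=$(mktemp -d) || return 1
    build_demo_pki "$dir" || return 1
    later=$(( $(date +%s) + 90 * 86400 ))   # after the 30-day validity ends
    echo "issued by trusted CA:    $(check_chain "$dir/ca.pem" "$dir/good.pem")"
    echo "self-signed:             $(check_chain "$dir/ca.pem" "$dir/self.pem")"
    echo "trusted CA, but expired: $(check_chain "$dir/ca.pem" "$dir/good.pem" "$later")"
    rm -rf "$dir"
}

demo
```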
To configure HTTPS scanning, navigate in the Management Console to
Administration → System Settings → Finjan Devices → HTTPS.