You can add domain URLs that need to be excluded from SSL decryption to a bypass list.
When you add domain URLs to the list, decryption is excluded for those in the list. F1E retrieves the SSL bypass list from FSM and applies policies accordingly. In Forcepoint Security
Manager (FSM) 10.3 onwards, you can use the Import functionality which can save time and improve efficiency by importing multiple domains simultaneously.
Steps
-
Go to .
-
Scroll down to Excluded Domains For SSL Decryption by Endpoint Inline Proxy.
Note: To enable the Inline Proxy mode, you must go to , and select Endpoint Inline Proxy in Endpoint Web Traffic Detection Mode in Properties for
your selected profile.
-
To search a specific URL, enter a search term in the Filter field.
-
To add the domain which you want to bypass in the URL section, do the following:
-
Enter the domain name in the URL field.
Note: Do not use wildcards.
-
Click Add
The domain update gets applied to both macOS and Windows Endpoints.
-
To perform bulk addition of domain lists, do the following:
-
Create a file listing the URLs.
- The file must be in .CSV file format.
- Ensure that the URLs in the CSV file are separated by commas.
- The maximum number of URLs is 6000.
- The maximum number of characters allowed in a URL is 254.
- The maximum number of characters for the overall list is 120,000.
-
Click Import.
-
Browse to the file you created, and then click OK.
-
To remove URLs from the list, do the following:
-
Select the desired check boxes from the list to select the URLs.
-
Click Remove.
-
Click Clear All to clear all URLs from the list.
-
Click Save.
-
Click Deploy.
Warning: No DLP Policies are applicable to the Inline Proxy bypassed URLs when these sites use HTTPS or Encryption.