Example: server protection in TLS inspection
Company A’s server offers HTTPS services to their customers. The administrators want to be able to detect and block attacks targeting the HTTPS server, even if the attacks are encrypted inside an SSL tunnel.
They decide to configure TLS Inspection to decrypt and inspect traffic to and from the HTTPS server.
The administrators do the following:
- Create a TLS Credentials element and import the private key and certificate of the HTTPS server.
- Select the TLS Credentials in the Engine Editor.
- Create Access rules with the default HTTPS (with decryption) Service as the Service.
- On Engines, use the Medium-Security Inspection Policy to look for attacks in HTTP traffic and check the HTTP traffic against the anti-malware signatures. On IPS engines, use the Inspection rules from the IPS Template to look for attacks in HTTP traffic.
- Save and install the policy.