TLS inspection and how it works

TLS inspection allows you to decrypt traffic that uses the TLS protocol to secure connections, such as HTTPS traffic, so that it can be inspected.

The TLS inspection feature consists of server protection and client protection:

  • Server protection decrypts incoming TLS connections from external clients to servers in the protected network.
  • Client protection decrypts outgoing TLS connections initiated by clients in the protected network to external servers.

You can use client protection alone, server protection alone, or client and server protection together. After decrypting the traffic, you can apply normal HTTP inspection and optionally malware scanning to the traffic. If the traffic is allowed to continue, the NGFW Engine re-encrypts the traffic and forwards it to its original destination.