Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
438
Views
0
Helpful
1
Replies

CWS AV and File Type blocking with TLS/SSL decryption

Paul Masterton
Level 1
Level 1

‎04-28-2016 11:09 AM - edited ‎03-08-2019 05:39 PM

Hi All,

Probably a simple question but... I've got CWS set up with SSL/TLS decryption and working beautifully.

I decrypt all categories and let the existing HTTP rules dictate blocks and that works fine, for categories and blocked user agents.

However, none of my other HTTP rules apply:

  1. File filters - users can download blocked file extensions over HTTPS (but not HTTP)
  2. AV - there seems to be no AV on HTTPS transfers. EICARS downloads fine over HTTPS but is blocked over HTTP

Am I missing something blindingly obvious?

Any thoughts very welcome!

Labels:
0 Helpful
1 Reply 1

Edan Mudachi
Cisco Employee
Cisco Employee

‎04-28-2016 11:16 AM

Hi Paul,

I would recommend opening a TAC case and attach a whoami output so that we may review your HTTPs Inspection configuration.

Sincerely,

Edan Mudachi

0 Helpful
Customers Also Viewed These Support Documents