Solved: Umbrella block page and SSL decryption

Chess Norris · ‎02-06-2023

Hello,

We are currently running Firepower FTD with URL filtering, but since we dont use a SSL policy, the users will not get a block page for SSL/HTTPS URL:s. I belive this will not be an issue with Umbrella since it's a cloud solution, but I just need to confirm this before suggestion this solution.

Thanks

/Chess

Rob Ingram · ‎02-06-2023

@Chess Norris you can block HTTPS URLs in Umbrella, to use the block page you will need to install the Umbrella root certificate (without it you'd get a certificate error).

View solution in original post

Rob Ingram · ‎02-06-2023

@Chess Norris you can block HTTPS URLs in Umbrella, to use the block page you will need to install the Umbrella root certificate (without it you'd get a certificate error).

Marvin Rhoads · ‎02-06-2023

Installing the Umbrella root certificate (usually via GPO or similar in an AD environment) works fine for managed computers. If you're blocking guests or unmanaged devices they will still get the untrusted certificate warning page.

Chess Norris · ‎02-06-2023

Thanks Marvin. Yes, thats a good point about guest networks. In this case all computer are manged, so it shouldn't be an issue.

The option is to do SSL decryption in our FTD, but we probably need to invest more money in hardware if we go that route.

/Chess

Chess Norris · ‎02-06-2023

Just the answer I was looking for.

Thanks

/Chess