cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
952
Views
0
Helpful
1
Replies

cisco FTD File Policy with ssl decryption

atrif
Level 1
Level 1

Hello team,

I'm asking if i can create a file policy that inspect files through encrypted tunnel ssl/TLS communication.

regards

Ahmed

1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

If you have an SSL policy that decrypts the traffic for inspection, any file policy happens post-decryption in the Snort order of operations - so it should inspect the files.

Few people use Firepower for widespread decryption of all incoming traffic though. It's generally more advisable to put AMP on the endpoints for things like that.

Review Cisco Networking for a $25 gift card