Can ASA with FirePower services inspect SSL traffic or we need SSL inspection appliance.
How can ASA force Application Control for SSL. Let say, allow only reading of Social Networking while bloking upload/post if not be able to see inside SSL?
ASA cannot block HTTPS
Firepower has an option of URL blocking that treats http and https as equal
You can go through it for more info:
Please rate the helpful posts
Thank you for answer.
But, then I’ll still have usual issues when there is no SSL interception like:
So, for that we need SSL Appliance?
Adding on to what puneesh said , we can use DNS REGEX on the ASA device is the DNS queries are going through the ASA device and then block the HTTPS websites as well if only blocking is required and not looking in the SSL header is the required.
Thanks and Regards,