Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6875
Views
15
Helpful
1
Replies

Differences between Monitor and Decrypt actions in Decryption Policies

Go to solution
jose cortes
Level 1
Level 1

‎09-12-2013 10:50 AM

Hi Everybody,

Currently I'm working in my first WSA (S170) implementation and some questions has popped up while I was configuring the Decryption policies. The main question here is:

What are the differences between "monitor" and "decrypt" in the URL Filtering options. As I understand the "decrypt" action allows the WSA to decrypt the packet and treats it like a plain HTTP packet applying the Access Policies, malware inspection and so on. Then I do not really know what the Monitor option does, I'm assuming that it does not decrypt the packet and only checks the destination URL and to allow or not the connection.

Thanks in advance for your collaboration.

Jose M. Cortes H.

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Ken Stieers
VIP
VIP

‎09-13-2013 01:06 PM

If you set it for Decrypt, it always decrypts stuff in that category.

If you set it to monitor, then other criteria in the policy are used for whether to decrypt or not, such as Web Reputation...

Here's the flow, which I pulled from the online help:

https://wsaip:port/help/wsa_help/index.html?Decryption_policies11.html#wp1208329

View solution in original post

1 Reply 1

Go to solution
Ken Stieers
VIP
VIP

‎09-13-2013 01:06 PM

If you set it for Decrypt, it always decrypts stuff in that category.

If you set it to monitor, then other criteria in the policy are used for whether to decrypt or not, such as Web Reputation...

Here's the flow, which I pulled from the online help:

https://wsaip:port/help/wsa_help/index.html?Decryption_policies11.html#wp1208329

Customers Also Viewed These Support Documents