Hello OPNsense community!
I use a cloud service that synchronizes my calendars (Outlook and Google) to manage my availability without revealing my private appointments. The issue is securing this flow! It sends a lot of data to cloud servers on a regular basis. I would like to know how you manage this type of permanent SaaS/cloud connection on the firewall. Is there a specific rule with Suricata/Zenarmor or a filtering trick to isolate this traffic without blocking it?
Most surely not. Either the cloud service supports encryption or it doesn't. You cannot encrypt on your side of the connection only.
On the other hand, if it is encrypted, you cannot decrypt it, because the client can verify the identity of the server (which it surely will) and not connect if a different certificate is presented.