Show Posts
1
Web Proxy Filtering and Caching / Re: Filtering without ssl inspection?
« on: September 27, 2019, 04:03:19 pm »
Hello Friend,
Sorry if my English is not clear.
That's right, but in transparent mode.
See my scenario:
In my case, the gateway is the network "firewall/proxy" itself, so I use transparent mode.
1st CASE:
I have several types of devices on the internal network. PCs, MACs, SmartPhones. And within each of these, applications that do not support redirecting to the proxy. So transparent mode is the output.
2nd CASE:
When I enable transparent mode, I have another problem, if I have ssl inspection, I must install certificate on every device on the network (HORRIBLE).
So,
HTTP -> caching, antivirus, etc ... Works well over transparent mode;
HTTPS -> so that there is no certificate installation, use SNI;
Server Name Indication (SNI)
Would SNI work for this scenario?
(Traffic https (filtered over header) on transparent mode and without having to install certificate on client)?
The references you submitted above do not tell you where to live SNI.
Obrigado.
Sorry if my English is not clear.
That's right, but in transparent mode.
See my scenario:
In my case, the gateway is the network "firewall/proxy" itself, so I use transparent mode.
1st CASE:
I have several types of devices on the internal network. PCs, MACs, SmartPhones. And within each of these, applications that do not support redirecting to the proxy. So transparent mode is the output.
2nd CASE:
When I enable transparent mode, I have another problem, if I have ssl inspection, I must install certificate on every device on the network (HORRIBLE).
So,
HTTP -> caching, antivirus, etc ... Works well over transparent mode;
HTTPS -> so that there is no certificate installation, use SNI;
Server Name Indication (SNI)
Would SNI work for this scenario?
(Traffic https (filtered over header) on transparent mode and without having to install certificate on client)?
The references you submitted above do not tell you where to live SNI.
Obrigado.