Show Posts
1
Web Proxy Filtering and Caching / Re: Web Proxy SSL Bump External Dynamic Lists URL Categories
« on: September 28, 2023, 07:52:10 am »
Did you find a solution to this??
We are looking at using OpnSense as well, but I can't find a manageable way to bypass SSL inspection for groups of sites. On Sophos and Fortigate firewalls we simply bypass SSL inspection for banking, financial, and government categories as a minimum for 2 main reason.
1. SSL inspection on these sites really is invading privacy I feel.
2. SSL inspection often breaks these types of sites as they usually try and detect man in the middle attacks.
We are looking at using OpnSense as well, but I can't find a manageable way to bypass SSL inspection for groups of sites. On Sophos and Fortigate firewalls we simply bypass SSL inspection for banking, financial, and government categories as a minimum for 2 main reason.
1. SSL inspection on these sites really is invading privacy I feel.
2. SSL inspection often breaks these types of sites as they usually try and detect man in the middle attacks.