jjwolven
asked on
Blocking HTTPS traffic with Trend Deep Security
I am trying to block HTTPS traffic using Trend Micro Deep Security.
There are no issues blocking HTTP traffic, but nothing is blocked when using HTTPS.
The main page for Web Reputation has a note saying that it does not block HTTPS traffic, but I wanted to find out if there is a way to block HTTPS traffic using Deep Security?
https://help.deepsecurity.trendmicro.com/Protection-Modules/Web-Reputation/ug-web-rep.html?Highlight=block%20https
There are no issues blocking HTTP traffic, but nothing is blocked when using HTTPS.
The main page for Web Reputation has a note saying that it does not block HTTPS traffic, but I wanted to find out if there is a way to block HTTPS traffic using Deep Security?
https://help.deepsecurity.trendmicro.com/Protection-Modules/Web-Reputation/ug-web-rep.html?Highlight=block%20https
you need another product that does deep packet inspection and it's own certificates to intercept, inspect, pass-on packets
Or you have to configure if the option exist to effectively function as man-in-the-middle where the secure connection to any site terminates on the device, or a proxy, that then will be in a position to scan/inspect ...
ASKER
Deep Packet Inspection seems to be overkill just to block a website. Is it really needed to that extent?
I've used it before, but not for websites. We basically just want to block all website except what is on our whitelist.
I've used it before, but not for websites. We basically just want to block all website except what is on our whitelist.
then use a proxy instead that only has the desired websites dns entries and the rest go to localhost or some other defined page
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It is https therefore inspection is required though you just need to whitelist the website. Either a WAF like imperva has it or Trend has IPS
https://docs.imperva.com/bundle/cloud-application-security/page/settings/waf-settings.htm
The Imperva Cloud WAF whitelists enable you to specify conditions under which the WAF will not analyze a request. Any item that you enter into the whitelist is considered trusted and safe by Imperva.
https://help.deepsecurity.trendmicro.com/ssl-traffic-inspecting.html
https://docs.imperva.com/bundle/cloud-application-security/page/settings/waf-settings.htm
The Imperva Cloud WAF whitelists enable you to specify conditions under which the WAF will not analyze a request. Any item that you enter into the whitelist is considered trusted and safe by Imperva.
https://help.deepsecurity.trendmicro.com/ssl-traffic-inspecting.html