Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 30 subscribers
  • Views 896 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Generals Questions about HTTPS scanning

hoosty

Hello folks, hope you are all healthy!

I am quiet new to Sophos Firewalls, just bought a XG86 for the home. Works all fine so far.

I am interested in the HTTPS Inspection function and would like to enable that, of course.

But as far I understand, every Device/Browser needs to adopt the self signed Certificate to work with it.

So no problem, I can do that für MacOS, Win, Android, etc., but what do we do with devices, where I can not import certificates?

I mean all the IoT Stuff, SkyQ Receiver, Samsung TV and so on, I think you know what I mean.

Is there a way to exclude such devices?  And of course without loosing the comfort of Airplay, YouTube Streaming....

I know, this is not a business infrastructure Sophos is made for ...

Thanks for every hint you can give me and a happy 2021

Chris



This thread was automatically locked due to age.
Parents
  • 0

    I setup a Mac Host for each device on my network and from there I just add the devices that can accept the Sophos cert to a SSL/TLS inspection rule (i.e. computers and mobile devices). My understanding is if a device/client isn’t associated with a SSL/TLS inspection rule, then SSL/TLS decryption doesn’t apply, so a separate “do not decrypt” rule is not required. 

  • 0 in reply to shred

    Hey Shred, thanks a lot, that may be a good way for home usage, maybe you could post a how-to on your blog? 

    Your Blog flew into my bookmarks, btw...

    1.5h to go here in Germany, a healthy new year to everybody! 

Reply Children
No Data