Inbound SSL Decryption

It is called Webserver Protection (also known as Web Application Firewall, or WAF)

Hello Doug

Thanks for the reply. So i need to turn on WAF functionality (add-on subscription) inorder to achieve this - right ?

Thanks,

Steve

If you just want to decrypt and inspect https traffic (man-in-the-middle) that is achieved by setting it up in webfiltering. Beware tough that your clients must have the UTM certificate otherwise they will report certificate errors because the UTM is basically the CA for all certificates.

what you described is outbound ssl inspection

It depends on what you are trying to do, and what you are defining as 'inbound'.  Can you give more details on what you are trying to accomplish?

Hi Brandon,

By inbound I mean connections coming from the internet going to an internal server behind UTM

Thanks,

Steve

I may misunderstand you, but that's what the web application firewall does (at least if you're talking about internal web servers).

The web application firewall is a reverse proxy which handles all http(s) requests from internet clients and passes them (after having checked the requests) to the internal webserver(s).

no worries, thanks for your answer.