How do I enable Gateway AV and ATP Blocker on an https proxy?
I have these services turned on for http proxy, smtp, ftp. However when I go to my https proxy, I don't see the option to enable gateway AV. If I run the wiazrd under Gateway AV I don't see a way to add one for https.
Under https proxy, My only tabs are content inspection / Web Blocker / Proxy Alarm / General.
Thanks
0
Sign In to comment.
Comments
Since HTTPS content is encrypted, one needs to decrypt the content in order to run AV scan on it.
So, you need to set up Inspect on the HTTPS proxy, and then in the HTTP proxy action you can select AV scans.
When you set up Inspect on the HTTPS proxy, you will need to import a certificate from the firewall or from your own CA if you have one, into the PCs or web browsers being used.
Use Certificates with Outbound HTTPS Proxy Content Inspection
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/certificates/cert_https_proxy_resign_c.html
Thanks, I'll try that shortly.