Cisco Cisco Web Security Appliance S170 사용자 가이드
C H A P T E R
12-1
Cisco IronPort AsyncOS 7.5.7 for Web User Guide
12
Decryption Policies
This chapter contains the following information:
•
•
•
•
•
•
•
•
•
•
•
•
Decryption Policies Overview
HTTPS is a web protocol that acts as a secure form of HTTP. HTTPS encrypts HTTP requests and
responses before they are sent across the network. Common thinking is that any connection to a site
using HTTPS is “safe.” HTTPS connections are secure, not safe, and they do not discriminate against
malicious or compromised servers. HTTPS is a secure way to complete legitimate transactions, but more
dangerously, it is a secure way to download malware which can infect your network.
responses before they are sent across the network. Common thinking is that any connection to a site
using HTTPS is “safe.” HTTPS connections are secure, not safe, and they do not discriminate against
malicious or compromised servers. HTTPS is a secure way to complete legitimate transactions, but more
dangerously, it is a secure way to download malware which can infect your network.
Not being able to inspect HTTPS traffic makes the network vulnerable to the following risks:
•
Secure site hosting malware. Spammers and phishers can create legitimate looking websites that
are only reachable through an HTTPS connection. Some users may mistakenly trust the web server
because it requires an HTTPS connection, resulting in intentional and unintentional downloaded
malware.
are only reachable through an HTTPS connection. Some users may mistakenly trust the web server
because it requires an HTTPS connection, resulting in intentional and unintentional downloaded
malware.
•
Malware from HTTPS web applications. Some malware can infect the network from legitimate
web applications, such as secure email clients, by downloading attachments.
web applications, such as secure email clients, by downloading attachments.