Справочник Пользователя для SonicWALL 5.8.1

To enable Client DPI-SSL inspection, perform the following steps:

Navigate to the DPI-SSL > Client SSL page.

Select the Enable SSL Inspection checkbox.

Select which of the following services to perform inspection with: Intrusion Prevent, 
Gateway Anti-Virus, Gateway Anti-Spyware, Application Firewall, and Content Filter.

Click Accept.

By default, the DPI-SSL applies to all traffic on the appliance when it is enabled. You can 
configure an Inclusion/Exclusion list to customize which traffic DPI-SSL inspection will apply to. 
The Inclusion/Exclusion list provides the ability to specify certain objects, groups, or 
hostnames. In deployments that are processing a large amount of traffic, it can be useful to 
exclude trusted sources in order to reduce the CPU impact of DPI-SSL and to prevent the 
appliance from reaching the maximum number of concurrent DPI-SSL inspected connections.

The Inclusion/Exclusion section of the Client SSL page contains three options for specifying 
the inclusion list:

On the Address Object/Group line, select an address object or group from the Exclude 
pulldown menu to exempt it from DPI-SSL inspection.

On the Service Object/Group line, select a service object or group from the Exclude 
pulldown menu to exempt it from DPI-SSL inspection.

On the User Object/Group line, select a user object or group from the Exclude pulldown 
menu to exempt it from DPI-SSL inspection.

The Include pulldown menu can be used to fine tune the specified exclusion list. For 
example, by selecting the Remote-office-California address object in the Exclude 
pulldown and the Remote-office-Oakland address object in the Include pulldown.