Справочник Пользователя для SonicWALL 5.8.1
![SonicWALL](https://files.manualsbrain.com/attachments/f3f2020e62d845c1f0944139602c2c25d4b9d245/common/fit/150/50/7162a7154dd3881061179f0db28d2a1090909f96138d4697280baa1e704f/brand_logo.jpeg)
DPI-SSL > Client SSL
795
SonicOS 5.8.1 Administrator Guide
To enable Client DPI-SSL inspection, perform the following steps:
1.
Navigate to the DPI-SSL > Client SSL page.
2.
Select the Enable SSL Inspection checkbox.
3.
Select which of the following services to perform inspection with: Intrusion Prevent,
Gateway Anti-Virus, Gateway Anti-Spyware, Application Firewall, and Content Filter.
Gateway Anti-Virus, Gateway Anti-Spyware, Application Firewall, and Content Filter.
4.
Click Accept.
Configuring the Inclusion/Exclusion List
By default, the DPI-SSL applies to all traffic on the appliance when it is enabled. You can
configure an Inclusion/Exclusion list to customize which traffic DPI-SSL inspection will apply to.
The Inclusion/Exclusion list provides the ability to specify certain objects, groups, or
hostnames. In deployments that are processing a large amount of traffic, it can be useful to
exclude trusted sources in order to reduce the CPU impact of DPI-SSL and to prevent the
appliance from reaching the maximum number of concurrent DPI-SSL inspected connections.
configure an Inclusion/Exclusion list to customize which traffic DPI-SSL inspection will apply to.
The Inclusion/Exclusion list provides the ability to specify certain objects, groups, or
hostnames. In deployments that are processing a large amount of traffic, it can be useful to
exclude trusted sources in order to reduce the CPU impact of DPI-SSL and to prevent the
appliance from reaching the maximum number of concurrent DPI-SSL inspected connections.
The Inclusion/Exclusion section of the Client SSL page contains three options for specifying
the inclusion list:
the inclusion list:
•
On the Address Object/Group line, select an address object or group from the Exclude
pulldown menu to exempt it from DPI-SSL inspection.
pulldown menu to exempt it from DPI-SSL inspection.
•
On the Service Object/Group line, select a service object or group from the Exclude
pulldown menu to exempt it from DPI-SSL inspection.
pulldown menu to exempt it from DPI-SSL inspection.
•
On the User Object/Group line, select a user object or group from the Exclude pulldown
menu to exempt it from DPI-SSL inspection.
menu to exempt it from DPI-SSL inspection.
Tip
The Include pulldown menu can be used to fine tune the specified exclusion list. For
example, by selecting the Remote-office-California address object in the Exclude
pulldown and the Remote-office-Oakland address object in the Include pulldown.
example, by selecting the Remote-office-California address object in the Exclude
pulldown and the Remote-office-Oakland address object in the Include pulldown.