Do Not Decrypt Low-Risk Categories, Reputations, or Applications

Evaluate the traffic on your network to determine which would match low-risk categories, reputations, or applications, and add those rules with a Do Not Decrypt action. Put these rules after other more specific Do Not Decrypt rules because the system needs more time to process the traffic.

Following is the example.

These sample rules allow without decryption traffic that matches low-risk categories, reputations, and applications.

Rule details:

This sample rule specifies, on the Applications tab page, to match Low and Very Low risk categories.

Also on the Applications tab page, you can specify applications you believe are low-risk; in this case, Facebook, Facebook Message, and Facebook Photos. You can also exclude from decryption any website that uses certificate pinning.