Decryption Policy Default Actions
The default action for a decryption policy determines how the system handles decryptable encrypted traffic that does not match any non-monitor rule in the policy. When you deploy a decryption policy that does not contain any decryption rules, the default action determines how all decryptable traffic on your network is handled. Note that the system does not perform any kind of inspection on encrypted traffic blocked by the default action.
To set the decryption policy default action:
-
Log in to the management center if you haven't already done so.
-
Click .
-
Click Edit (
) next to the name of the decryption policy. -
In the Default Action row, click one of the following actions from the list.
|
Default Action |
Effect on Encrypted Traffic |
|---|---|
|
Block |
Block the TLS/SSL session without further inspection. |
|
Block with reset |
Block the TLS/SSL session without further inspection and reset the TCP connection. Choose this option if traffic uses a connectionless protocol like UDP. In that case, the connectionless protocol tries to reestablish the connection until it is reset. This action also displays a connection reset error in the browser so the user is informed that the connection is blocked. |
|
Do not decrypt |
Inspect the encrypted traffic with access control. |