Configure EVE

Procedure

Step 1

Choose Policies > Access Control heading > Access Control.

Step 2

Click Edit (edit icon) next to the access control policy you want to edit.

Step 3

Choose Encrypted Visibility Engine from the More drop-down arrow at the end of the packet flow line.

Step 4

On the Encrypted Visibility Engine page, enable the Encrypted Visibility Engine (EVE) toggle button.

Step 5

Choose the Monitor mode or the Protect mode.

  • Choose the Monitor mode to detect client applications and monitor encrypted traffic.

  • Choose the Protect mode to monitor and block encrypted traffic based on the threat confidence level of the client processes. You can use this mode to monitor and block malicious connections at two threat confidence levels:

    • High: Use this level to block connections with threat confidence levels ranging from High to Very High.

    • Very High: Use this level to block connections with threat confidence levels that are categorized as Very High.

Step 6

Click Save and then deploy the access control policy.

Note

To manage exceptions, see Configure EVE Exception Rules.

What to do next

Deploy configuration changes.