Create a standard decryption policy with outbound protection

The following task discusses how to create a standard decryption policy to protect servers outside your internal network. To decrypt outbound connections, all options on this page are required except where noted. To bypass or block certain outbound connections, only security zones and bypass or block options are required.

Before you begin

Review what an outbound protection decryption policy means in Decrypt and re-sign (outgoing traffic).

To create a decryption policy with inbound protection instead, see Create a standard decryption policy with inbound protection.

Procedure

Step 1	Log in to Security Cloud Control if you haven't already done so.
Step 2	Click Firewall.
Step 3	Click Administration > (name of management center).
Step 4	In the right pane, click Management > Policies.
Step 5	Click Create New > Decryption Policy.
Step 6	In the provided fields, enter a Name and optional Description. The following characters are not supported in decryption policy names: Leading period `#`,`;`,`{`,`}`,`=`,`$`,`<`,`>`
Step 7	Click Create Policy.
Step 8	Slide Outbound Decryption to Enabled as the following figure shows.