Applies To: Cloud-managed Fireboxes
Transport Layer Security (TLS) is an industry standard based on a system of trusted rules and certificates issued by certificate authorities and recognized by servers. To encrypt data as it is exchanged over IP networks, TLS creates a secure channel between the server and the end user computer or other devices as they exchange information over the internet.
HTTPS policies do not perform TLS decryption for enabled domains in the Default HTTPS Decryption Exceptions list.
In WatchGuard Cloud, you can disable or enable HTTPS decryption exceptions for domains and services on your network.
You should only disable an HTTPS decryption exception for a service that you do not want to use on your network. If you disable an exception, the Firebox will try to decrypt the traffic, which might cause the service to not work.
To enable and disable HTTPS decryption exceptions:
- Select Configure > Devices.
- Select a cloud-managed Firebox.
Status and settings for the selected Firebox appear.
- Select Device Configuration.
The Device Configuration page displays the WatchGuard Cloud security services.
- Click the Exceptions tile.
The Exceptions page opens.
- Click Manage HTTPS Decryption Exceptions.
- To enable or disable domains for a company, click in the row for the company.
- Select Enable All or Disable All.
- To view a list of the individual domains associated with a company, select View All Domains.
- From the drop-down list in the Status column, select Enabled or Disabled for each domain you want to enable or disable.
To search for a specific domain, in the upper, right corner, type the domain name in the Search box.
- Click Back.
- To save the configuration changes to the cloud, click Save.