Secure Socket Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols widely adopted and deployed in network communication today. The traffic over SSL/TLS is encrypted and signed to ensure security, hence HTTPS. Because encrypted HTTP connections can carry the same risks as unencrypted HTTP connections, Deep Edge scans all traffic for potential risks and threats.

Deep Edge can enable or disable HTTPS inspections and exclude specific websites, URL categories, or IP addresses from inspection. After the traffic is identified, Deep Edge determines the appropriate actions for traffic based on specified policy settings. to scan HTTPS traffic, Deep Edge identifies the SSL connection at the first packet of the SSL handshake, acquires the client IP address information from the session, if available, and then gets the server hostname from the handshake record. The connection will not be decrypted if this information matches any allowed URL categories, websites, or IP addresses in the Deep Edge exception list.

Information about HTTPS Inspection is shown in corresponding logs and reports. HTTPS Inspection notifications are also available to inform end-users why their actions on the web are being blocked.