HTTPS Decryption Policies

HTTP > HTTPS Decryption > Policies

This screen shows all HTTPS decryption policies on the system—enabled as well as disabled. Click Add to create a new policy, or click a policy name to edit an existing one.  

• Enable HTTPS Decryption—Globally controls the enabled status of all policies; overrides the status of an individual policy. (Click Save after enabling or disabling HTTPS decryption.)

• Add—Opens the Add Policy wizard that will take you through the steps to define a new policy.

• Policy Name—Click a name to edit the settings.

• Priority—Sets the order of precedents — if two conflicting policies overlap in their scope, the policy with the higher priority (closer to 1) will be applied and the other ignored. MORE>>

  IWSVA Scan Policy first evaluates a given Web request by finding out to which group, if any, the requesting client is a member, and then evaluates which policy or policies are in effect for that group.

  If the client is affected by more than one policy, the policy with the highest priority is applied.

• Note: The HTTPS Decryption Global Policy is the default policy. It automatically applies to all users, but also always takes the lowest priority. Any policy with a higher priority in the list will take precedence.

• Deploy Policies—Click this button after creating or modifying a policy to have it immediately take effect.

See also:

• About HTTPS Decryption
• Decryption Rule
• Exception