Configuring A Decryption Rule

Similar to the way you configure cloud access rules, you configure HTTPS decryption policies to decrypt content based on selected URL categories. For example, you can configure an HTTPS decryption rule to decrypt encrypted content from websites in the Business categories.

When you add or edit a decryption rule from the Decryption Rules screen, a new screen opens, where you can specify the settings for the rule.

  1. Configure the basic rule information:

    Item

    Setting

    Rule name

    Specify a unique name for the decryption rule.

    Description

    (Optional) Meaningful description to easily identify the decryption rule.

    Enable

    Click On or Off to enable or disable the decryption rule.

    If you no longer need a decryption rule, delete it, instead of setting Enable to Off.

  2. In the Gateways section, select the gateways that the decryption rule applies to. You can select all gateways, specific ones from the list of gateways configured on the Gateways screen, or roaming users as necessary.
  3. In the URL Categories section, select the URL categories that the decryption rule applies to.

    (Optional) Click Add Customized URL Category to specify new URL categories that are not part of the Trend Micro predefined URL categories. For more information, see Configuring A Customized URL Category.

  4. In the Root CA Certificate section, select a cross-signed certificate or click Reset to use the default CA certificate provided by TMWS as the client certificate for HTTPS connections between client browsers and TMWS. For more information, see Cross-signing the CA Certificate.
  5. Click Save.