Network traffic scan settings apply to the Web Threat Protection and Web Control components. The components can decrypt and scan network traffic transmitted over encrypted connections. The encrypted connections scan is enabled by default.
You can manage the following network traffic scan settings:
Enable or disable encrypted connections scanning.
Select the action to be performed by the application upon detection of an untrusted certificate.
Select the action to be performed when an encrypted connections scan error occurs on a website.
Enable or disable the use of the Internet for certificate verification.
View and configure a list of trusted domains. The application will not scan encrypted connections established when visiting specified domains.
Configure a list of root certificates that the application will consider trusted when performing an encrypted connections scan.
Configure a list of network ports to be monitored by the application. You can specify the network ports or network port ranges to be monitored.
If you want to intercept network connections to the NFS server, you need to make sure that the NFS server is started with the insecure option (so that it accepts connections from ports outside the 1–1024 range), otherwise the NFS server may reject such connections.
When the network traffic scan settings are changed, the application records a NetworkSettingsChanged event in the log file.