Managing decryption rules

The table of decryption rules is displayed in the Application & Services → NGFW → Policy → SSL Inspection → Decryption rules section. A rule with the Don't decrypt action is created by default.

Kaspersky NGFW supports two types of rules:

• The default rule is applied by default with the initial configuration. You can edit the description of the rule and change the action of the rule. You cannot delete or disable the default rule.

  The default rule has no priority or number; it is displayed last in the list of rules. If the traffic does not match any custom rule, the action specified in the default rule is applied.

• You can create and configure custom rules based as needed.

Information about rules is displayed in the following columns of the table:

• Priority is the priority of the rule. The default rule has no number.
• Name is the unique name of the rule.
• Description is an arbitrary description. Optional setting.
• Action specifies whether you want to decrypt traffic transmitted over encrypted protocols.
• Source addresses lists one or more source addresses with the following values: host, subnet, range of IP addresses.
• Source security zones lists security zones added to the rule as a source.
• Destination addresses lists one or more destination addresses with the following values: host, subnet, range of IP addresses.
• Destination security zones lists security zones added to the rule as a destination.
• Services is one or more services with the following values: protocol, source port, destination port.
• Last edited by is the user account of the author of the last changes of the rule. If information about the author of the last change is missing, the field is empty.

You can do the following with decryption rules:

• Create a rule.

  You can create a new rule by configuring filtering criteria and selecting an action to perform with encrypted traffic.

• Modify existing rules.

  After creating a security rule, you can go back to manage its settings.

• Delete one or more rules.

  You can delete a security rule if you do not want it to be applied to network traffic and displayed in the rules table.

• Enable or disable a rule.

  You can enable or disable a decryption rule in the table of rules or in the rule editing window.

• Change the priority of a rule.

  You can increase or decrease the priority of a decryption rule selected in the table of security rules.

In the table of decryption rules, you can configure the display of columns, and use filtering and search functionality.

In this section Creating a decryption rule Changing the priority of rules Enabling or disabling a decryption rule Editing a decryption rule Deleting a decryption rule

Page top