How can we help?
-
zWAN
-
-
-
-
-
-
- Articles coming soon
-
-
-
- Articles coming soon
-
- Articles coming soon
-
-
-
-
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
-
-
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
-
-
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
- Articles coming soon
-
-
-
- Articles coming soon
-
- IPsec Tunnel not Establishing
- SSL-VPN Tunnel not Establishing
- Mobile Network Issues
- Management Tunnel does not Establish
- DNS not Resolving from Local Network Appliance
- DNS Resolution Issues in Tunnel Configuration
- DHCP Server not Leasing IP to LAN PC
- Debugging EC Events - Unknown Status Issue
- Trusted-MAC Geofencing Issues
- DNS Issues from DC LAN PC
- Troubleshooting LAN Connectivity to Internet via WAN, Remote Branch LAN, or Local Branch LAN
- NetBalancer gateways displaying Faulty/Inactive
- Packet Drop Issues
-
-
zTC
-
- Articles coming soon
-
StorTrends
-
zAccess
-
zGuardian
You are here:
Print
SSL Inspection
0 out Of 5 Stars
| 5 Stars | 0% | |
| 4 Stars | 0% | |
| 3 Stars | 0% | |
| 2 Stars | 0% | |
| 1 Stars | 0% |
Quick Overview
SSL Inspection allows zGuardian to decrypt and inspect encrypted (HTTPS) traffic for threats, malicious payloads, or access policy violations. Once traffic is inspected, it is re-encrypted and forwarded to its destination, maintaining user experience while improving threat detection.
How to Use This Feature in the UI
- Navigate to
Security > SSL Inspectionin the zGuardian interface. - Use the toggle to Enable or Disable SSL Inspection.
- When enabling:
- Ensure the zGuardian Root Certificate is installed on all client devices.
- Optionally configure inspection policies or exceptions (e.g., financial sites).
- Click Apply Configuration.
Important Notes:
- SSL Inspection is required for Antivirus, Virus Scan, and Custom URL Filtering to function on encrypted traffic.
- If SSL Inspection is disabled, zGuardian cannot analyze HTTPS traffic for threats or policy enforcement.
- Performance impact may vary depending on traffic volume and hardware resources.
Concepts & Use Cases
What It Does
Decrypts SSL/TLS traffic so zGuardian can inspect its contents (e.g., for viruses, malware, or unauthorized access), then re-encrypts it before sending it to the final destination.
Use Cases
- Blocking malware hidden inside HTTPS traffic
- Enforcing content policies on encrypted websites
- Enabling antivirus and URL filtering for secure traffic
- Detecting data exfiltration over encrypted channels
Caution: SSL Inspection may break functionality on some websites (e.g., banking, health portals) unless they are added to an exception list. It may also raise privacy concerns in environments with personal browsing.
Troubleshooting & FAQs
- Q: Why aren’t antivirus or URL filtering features working?
A: SSL Inspection must be enabled for these features to scan HTTPS traffic. - Q: Why are some websites failing to load or showing certificate warnings?
A: The zGuardian certificate might not be installed on client devices, or the site may use HSTS and need to be added to the exception list. - Q: Will this affect performance?
A: Yes. SSL decryption and re-encryption require CPU resources. Scale hardware accordingly.
Was this article helpful?
0 out Of 5 Stars
| 5 Stars | 0% | |
| 4 Stars | 0% | |
| 3 Stars | 0% | |
| 2 Stars | 0% | |
| 1 Stars | 0% |
5
Table of Contents