Forum Discussion

SergeyAU

Altostratus

Dec 13, 2019

Inspecting HTTPS traffic via SWG and iRules not SSL profiles

Hello

Our F5 is used as an application proxy. Clients connect to 8080 and F5 inspects the URLs via APM/SWG

All good for HTTP traffic, but we are unable to get HTTPs inspection/blocks to work.

Some applications cannot be decrypted due to security requirements.

Is is possible to use an iRule to inspect the virtual server (8080) traffic - it is clearly seen that client request some secure URLs via CONNECT host:port

The idea is for iRule to get URL from the CONNECT and compare it to the inspection policies. Can this be done?

devops

iRules

Secure Web Gateway

No RepliesBe the first to reply

Forum Discussion

Inspecting HTTPS traffic via SWG and iRules not SSL profiles

Recent Discussions

F5 terminal - help to run commands - disk space full

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

Related Content

Inspecting HTTP LB traffic for security

Protecting the F5 BIG-IP AFM system with AFM Protocol Inspection System Checks

AFM Protocol Inspection rules for CVE-2022-3602 (aka SpookySSL)

Unsupported Snort Keywords in Protocol Inspection

fellow traffic