Follow

Can I use Web Filter to block HTTPS/SSL sites?

Yes - However filtering is not as granular as when utilizing the SSL Inspector app.  

 

To go into more detail.  When a website is access via HTTPS, most of the content is encrypted.  Meaning the Untangle cannot view this data or filter by this data.  There is one portion that is not encrypted, which is the Server Name Indication (SNI).  SNI is an extension of the TLS networking protocol that indicates which hostname (domain) the client is attempting to access.  Using this information Untangle can then filter web traffic.  

 

The drawback is that Untangle cannot see the entire URL, only the domain.  For that reason Untangle loses granularity in the filtering of that traffic.  All traffic to a domain is treated the same, regardless of content.  

Was this article helpful?
0 out of 2 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk