SSL Tap settings
The SSL Tap settings are used for configuring interfaces on Web Gateway that connect to monitoring devices for sending them tapped SSL traffic in decrypted format.
SSL Tap
Settings for SSL tapping interfaces
Table A-52 SSL Tap
| Option | Definition |
|---|---|
| Enable interfaces for SSL Tap | When selected, tapped SSL traffic can be sent in decrypted format to monitoring devices through interfaces configured here. |
| List of interfaces | Provides a list of interfaces for connecting to a monitoring device. |
Table A-53 List of interfaces – List entry
| Option | Definition |
|---|---|
| Network interface | Specifies the interface on Web Gateway that is used for connecting to a monitoring device. |
| Client IP for IPv4 traffic | Provides the IP address of the client that is used when the tapped SSL traffic is sent under IPv4. Providing this address is optional. The default address is that of the client currently in use. |
| Client IP for IPv6 traffic | Provides the IP address of the client that is used when the tapped SSL traffic is sent under IPv6. Providing this address is optional. The default address is that of the client currently in use. |
| Client MAC | Provides the MAC address of the client that is used when the tapped SSL traffic is sent. Providing this address is optional. The default address is the MAC address of the Web Gateway appliance. |
| Destination MAC address | Provides the MAC address of the destination that the tapped SSL data packets are sent to. |
| Comment | Provides a plain-text comment on an interface. |
Advanced settings
Advanced settings for connections used for sending SSL tapped traffic
Table A-54 Advanced settings
| Option | Definition |
|---|---|
| Maximum SSL Tap queue size per connection |
Limits the size of a queue of SSL tapped traffic on each of the connections that are involved to the specified value (in MB). Default limit: 10240 MB |
NOTE: SSL Tap is officially supported on Appliances, VM, and AWS instances.