It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen WAN

SSL Inspection

  • Last updated on

SSL Inspection decrypts both SSL and TLS connections so the appliance can allow features, such as Malware Protection and IPS, to scan traffic that would otherwise not be visible to the service. 

ssl_82.png

Before You Begin

Settings 

In this section, you can add explicit rules, such as exemptions for traffic that should not be scanned. For example: financial traffic. In addition, you can specify the default action for SSL Inspection.

Add a Rule 
  1. Open https://cloudgenwan.barracudanetworks.com/  and log in with your existing Barracuda Cloud Control account.
  2. Go to SECURITY > SSL INSPECTION > SETTINGS.
  3. Click ADD RULE.
  4. The Add New Rule window opens. Specify values for the following:
    • Name Enter a name.
    • Description Enter description.
    • Action Select either  Inspect  or  Do Not Inspect .
      SOURCE CRITERIA
    • TypeSelect a type. You can choose between IP/Network, Site, and User/Group. If you want to select users or groups in the policies, you must first connect your Azure Active Directory. For more information, see How to Connect Your Azure Active Directory with Barracuda Cloud Control.
    • IP/Network   Enter an IP or network address. 
      DESTINATION CRITERIA
    • Type   Select a type. You can choose between ApplicationURL CategoryDomainIP/Network, and Site.
    • Application S elect an application. For more information, see How to Create Custom Applications.
      explicit_ignore_financial.png

  5. Click SAVE.
Select the Default Action
  1. Open https://cloudgenwan.barracudanetworks.com/  and log in with your existing Barracuda Cloud Control account.
  2. Go to SECURITY > SSL INSPECTION > SETTINGS.
  3. Select the default action.
    sssl_default_82.png

Certificates

In this section, you can add, edit, and activate SSL Inspection certificates and trusted root certificate authorities.

Add SSL Inspection Certificate
  1. Open https://cloudgenwan.barracudanetworks.com/  and log in with your existing Barracuda Cloud Control account.
  2. Go to SECURITY > SSL INSPECTION > CERTIFICATES.
  3. In the SSL INSPECTION CERTIFICATES section, click ADD CERTIFICATE.
  4. The Upload New Certificate window opens. Specify values for the following:
    • Name – Enter a name.
    • Description – Enter a description.
    • Upload PKCS12 – Click UPLOAD FILE to upload the certificate file.
    • Passphrase – Enter the passphrase of the certificate.
      cert82_upload1.png
  5. Click SAVE.
Add Trusted Root Certificate Authorities
  1. Open https://cloudgenwan.barracudanetworks.com/  and log in with your existing Barracuda Cloud Control account.
  2. Go to SECURITY > SSL INSPECTION > CERTIFICATES.
  3. In the TRUSTED ROOT CERTIFICATE AUTHORITIES section, click ADD CERTIFICATE.
  4. The Upload New Certificate window opens. Specify values for the following:
    • NameEnter a name.
    • DescriptionEnter a description
    • Upload PEM or CRT – Click UPLOAD FILE to upload the certificate file.
      cert82_upload2.png
  5. Click SAVE.
Edit, Delete, or Activate an Existing Certificate

Note that only certificates added in the SSL Inspection section can be activated.

  • MAKE ACTIVE Click on the button next to the certificate you want to activate.
  • Edit – Click on the pencil icon next to the certificate you want to edit.
  • Delete – Click on the X icon next to the certificate you want to delete.

Further Information

  • For more information on Malware Protection, see Malware Protection.
  • For more information on Intrusion Prevention, see IPS.
Last updated on