Common web applications such as Twitter and Facebook, and search engines like Google now only serve encrypted web traffic (over HTTPS instead of HTTP). Since block pages cannot always be served when just using HTTPS filtering, using SSL Inspection almost guarantees presentation of a block page when needed. The Barracuda Web Security Gateway provides the administrator with choices for monitoring and blocking HTTPS traffic, depending on the Barracuda Web Security Gateway model, and for use cases such as:
- Monitoring/Blocking and/or capturing social media chat, posts, comments and other interactions (use SSL Inspection, Barracuda 410 and higher) on and off network. For mobile and remote users, use the Barracuda Web Security Agent.
- Protecting users of Chromebooks by monitoring and blocking specific HTTPS traffic based on decrypted content filtering (use SSL Inspection, Barracuda 410 and higher).
- Providing Safe Search (use SSL Inspection, Barracuda 310 and higher).
- Simply blocking HTTPS traffic from specific domains or content categories without decrypting web URL content (use HTTPS Filtering, Barracuda 210 and higher).
In This Section:
- SSL Inspection – enabling the Barracuda Web Security Gateway to decrypt, inspect and re-encrypt web traffic at the URL level, administrators have fine grained control over the use of web-based applications. This means that administrators can choose to block certain portions of web based applications such as Facebook Chat, or Twitter.
- HTTPS Filtering – Provides ability to block some or all HTTPS traffic by URL pattern (ex: *adult.com*), domain name or by content category. A less resource-intensive tool than SSL Inspection. Unlike SSL Inspection, this feature does not decrypt and inspect the URL content; rather it identifies domains and content categories for use in creating block/warn/allow policies.