Decryption Best Practices
Shine a light on the darkness of encrypted traffic so
you can reveal what’s really coming into and leaving your network
and inspect that traffic for threats.
You can’t protect your network against threats you can’t see and inspect. Gartner predicts that
in 2020, more than 70 percent of new malware campaigns will use various forms of
encryption. Google’s
Transparency Report shows that no matter how you analyze
Google web traffic, in most cases, more than 90 percent of it is encrypted.
Decrypt that traffic to protect your network
against hidden threats.
This document is a streamlined checklist of pre-deployment, deployment,
and post-deployment best practices that you can follow to implement
decryption. Each section includes links to detailed information
in the PAN-OS Admin Guide, including how to configure Decryption
policy rules and profiles.
- Security policy (includes Security policy
rule construction, rulebase order and hygiene, the App-ID Cloud Engine (ACE), Policy
Optimizer, SaaS Policy Recommendation, and IoT Policy Recommendation)
- Zero Trust (how to lock down your
network)
- DoS & Zone Protection (including
Packet Buffer Protection)
- Administrative Access (protect access to
firewalls and management devices)
-
-
-
Also ensure that you have the proper
subscriptions to support your network
security, including Advanced Threat Prevention, DNS Security, Advanced URL Filtering,
IoT Security, GlobalProtect, SaaS Security, etc.