: Decryption Best Practices
Focus
Focus

Decryption Best Practices

Table of Contents

Decryption Best Practices

Shine a light on the darkness of encrypted traffic so you can reveal what’s really coming into and leaving your network and inspect that traffic for threats.
You can’t protect your network against threats you can’t see and inspect. Gartner noted that in 2020, about 70 percent of new malware campaigns used various forms of encryption. Google’s Transparency Report shows that no matter how you analyze Google web traffic, in most cases, up to 95 percent of it is encrypted. Decrypt that traffic to protect your network against hidden threats.
This document is a streamlined checklist of pre-deployment, deployment, and post-deployment best practices that you can follow to implement decryption. Each section includes links to detailed information in the PAN-OS Admin Guide, including how to configure Decryption policy rules and profiles.
In addition, use the on-demand BPA report in the Strata Cloud Manager to identify areas to improve security, use the Adoption Summary to identify gaps in security capability adoption, and visit the Best Practices Documentation Portal, which provides specific planning, deployment, and maintenance best practices steps for a variety of features, capabilities, and security goals, including:
Also ensure that you have the proper subscriptions to support your network security, including Advanced Threat Prevention, DNS Security, Advanced URL Filtering, IoT Security, GlobalProtect, SaaS Security, etc.