SSL/TLS encryption and decryption is becoming an important part of network security. In 2017, 50 per cent of web traffic was secured by the protocol, and Gartner expects this to rise to 80 per cent by 2019. Educational institutions must protect their students and infrastructure from malware, ransomware, and other threats hiding in SSL/TLS encrypted traffic. Cyber attackers may also use encrypted traffic to disguise attempts to extract sensitive data. Educational institutions may be required by law to keep students and the school from illegal behavior or material hiding in SSL encrypted traffic. Finally, students and faculty expect a certain amount of privacy when using the network for their own personal use.
This data sheet provides an overview of how educational institutions can use the Palo Alto Networks Next-Generation Firewall to selectively decrypt SSL/TLS traffic in-line, maximizing performance and threat protection while maintaining privacy.
For more information on SSL decryption best practices, read this blog post: https://researchcenter.paloaltonetworks.com/2018/05/tech-docs-ssl-decryption-best-practices-light-hidden-malware/