What is the greatest level of inspection you can do on encrypted traffic without having to install certificates on client-side devices without creating client errors? I'm learning about deep packet inspection/AppID for things like content filtering, malware scanning, and application identification.
I understand the concept is essentially creating a MitM for yourself on your firewall/proxy and then publish the cert to the endpoints, but is there any compromise to where you can gain more insight into the datastream than just seeing it's HTTPS/TLS traffic without having to install a cert?
No comments:
Post a Comment