I've been researching a bit on firewalls and content filtering, looking at PAN, Cisco Umbrella, Cato Networks, et cetera, but they all seem to have this gaping hole around HSTS. This is especially concerning as HSTS is likely to spread to smaller sites over time.
Has this been solved yet for enterprises? I can deploy a cert, but it looks like loads of browsers will ignore the certs I load, as they come pre-loaded with some of the majors (e.g. Google). I can appreciate that Google wants to protect the privacy interests of their users, but surely there's some workaround for enterprises that doesn't just involve whitelisting them... right?
TL;DR - Any advice on how to approach content filtering Google today is much appreciated! Have a great day, everyone!
No comments:
Post a Comment