In this lab exercise, you will bypass SSL decryption based on requests to URLs categorized as financial services web sites.
Estimated completion time: 25 minutes
Objectives:
Lab Requirements:
Copy the Lab_Per_Request Per Request Policy by browsing to Access Policy > Per-Request Policies and click Copy
Name the copy Lab_Per_Request_SSL_Bypass
Edit the new Per-Request Policy by clicking Edit, then go to the VPE tab in your browser
Modify the Encrypted Category Lookup object to include a branch for SSL Bypass:
Click on the existing Category Lookup object
On the Properties tab, change the name to Encrypted Category Lookup
Click to access the Branch Rules tab
Click Add Branch Rule and name it Banks
Click Change to modify the Expression of this new Branch Rule
Click Add Expression
Change Agent Sel: to Category Lookup
Change Category is: to Financial Data and Services
Click Add Expression
Click Finished
Click Save
Add an SSL Bypass Set object (from the General Purpose tab) on the Banks branch of the Encrypted Category Lookup
Click Save
Add an SSL Intercept Set object (from the General Purpose tab) on the “fallback” branch of the Encrypted Category Lookup
Click Save
Add a URL Filter object on the SSL Bypass Branch; select the LAB_URL_FILTER URL filter previously created in Lab1
Click Save
Change the Allow branch to an ending of Allow
user1
AgilityRocks!