Block connections

(Optional.) This topic provides details about how to block connections to servers with unsecure TLS versions and server certificate statuses while creating a decryption policy.

You can choose to block any of the following:

• SSL and TLS versions because some are considered unsecure.

• Certificate status; for example, you can block outbound traffic to a server with an expired certificate because that server might not be trustworthy.

For more information, see Add block connections.