Intelligent decryption bypass

To set up Intelligent Decryption Bypass for an outbound decryption rule, locate Intelligent Decryption Bypass and set it to Slider enabled () to not decrypt traffic for very low-risk clients connecting to trusted servers, based on the threat confidence levels of clients which are determined by the Encrypted Visibility Engine (EVE) and the URL category reputation.

To see our current list of clients classified by trust level, go to Secure Firewall Application Detectors. For example, cnn.com is classified as Very Low. Make sure you understand what traffic you are choosing to not decrypt.