Standard decryption policy deployment issues to versions earlier than 10.0.0

If you deploy a standard decryption policy to a device that runs a version earlier than 10.0.0, you can encounter the following issues:

• If you configured any inbound decryption rules, the rule action is changed to Decrypt - Known Key on those devices. For more information about the kinds of incoming decryption actions, see Incoming traffic decryption.

• The advanced policy option Intelligent Decryption Bypass requires the device to run version 7.7 or later. By default, this advanced option is disabled but if you enable it, policy deployment fails if the device runs a version earlier than 7.7.