Create a Decryption Profile
Use the following procedure to create a decryption profile.
Procedure
Step 1 | In the Security Cloud Control platform menu, choose . |
Step 2 | Navigate to . |
Step 3 | Click Create. |
Step 4 | Specify a Profile Name and a Description. |
Step 5 | For Certificate Method choose Select Existing. |
Step 6 | For Certificate choose the desired certificate. |
Step 7 | For Min TLS Version choose the lowest TLS version that is accepted by the decryption profile. The default is TLS 1.0. |
Step 8 | If using non-default (non-PFS) cipher suites, select the set of desired cipher suites from the Diffie- Hellman or PKCS (RSA) menus. Note that the Multicloud Defense Controller filters the available cipher suites so only the strongest ciphers are listed, dependent on the min TLS version you selected in step 6. |
Step 9 | Click Save. |
What to do next
Attach the profile to a policy rule set. See Rule Sets and Rule Set Groups for more information.