So your idea is to block every HTTPS website?
> On 18 Jan 2015, at 6:48 pm, Ca By <cb.li...@gmail.com> wrote: > >> On Sunday, January 18, 2015, Grant Ridder <shortdudey...@gmail.com> wrote: >> >> Hi Everyone, >> >> I wanted to see what opinions and thoughts were out there. What software, >> appliances, or services are being used to monitor web traffic for >> "inappropriate" content on the SSL side of things? personal use? >> enterprise enterprise? >> >> It looks like Websense might do decryption ( >> http://community.websense.com/forums/t/3146.aspx) while Covenant Eyes does >> some sort of session hijack to redirect to non-ssl (atleast for Google) ( >> https://twitter.com/CovenantEyes/status/451382865914105856). >> >> Thoughts on having a product that decrypts SSL traffic internally vs one >> that doesn't allow SSL to start with? >> >> -Grant > > IMHO, it would be better to just block the service and say the encrypted > traffic is inconsistent with your policy instead of snooping it and > exposing sensitive data to your middle box. > > These boxes that violate end to end encryption are a great place for > hackers to steal the bank and identity info of everyone in your company. > > That sounds like a lot liablity to put on your shoulders. > > CB
