I've been playing around with MWG 126.96.36.199 and now I need to find some way to have mobile devices managed within the policies that will be implemented on the gateway. I've been testing with my own Android
device but I've seen where I have to import the certificate from the MWG in order to have SSL Scanner play nice with the device. So my first question, is there any way to have the certificate automatically pushed to a mobile device?
I'll also need to apply policies to these devices once I've got them sending web requests via the gateway, so is there some way to determine that a request is from or destined for a mobile device? I've been looking at User-Agent but I haven't exactly found how to use the property inside MWG yet. My wireless network uses a single subnet so all the IP addresses of multiple 802.11 NICs from various devices will show up there so I can't use an IP range, unfortunately.
Hi kbolt -
There is no other way to have the device automatically trust the MWG certificate - this is going to have to be done manually.
User-agent is definitely the route to take here. To build a rule for specific user agents, 1st make a user-agent list and the rule criteria would be:
Header.Request.Get ("User-Agent") Matches in List
This doc goes into much more detail and provides instruction on how create a rule using the user-agent:
*You'll need to have ssl scanner enabled and then place the user-agent rule below the sll scanner rule set, if you want your user-agent rule to apply to https traffic*