cancel
Showing results for 
Search instead for 
Did you mean: 
cryptochrome
Level 7

Why put Authentication rules after SSL-Scanner?

Hi,

basic newbie question: The default ruleset puts the SSL-Scanner rules in front of the Authentication rules. That doesn't compute in my brain. Why would you do this? Wouldn't authentication be the very first thing you want to do (except for global white/blacklists maybe)?

Thanks

0 Kudos
2 Replies

Re: Why put Authentication rules after SSL-Scanner?

In case of any transparent method (bridge, router, wccp) you need SSL prior to doeing auth as you need to open up the data to inject authentication elements (cookie, auth server, etc).

best,

Michael

0 Kudos
cryptochrome
Level 7

Re: Why put Authentication rules after SSL-Scanner?

Ok, and in a direct proxy environment?

0 Kudos