ssl - Zscaler Intermediate Certificate -
our company implemented zscaler proxy filtering, learned uses root certificate pushed out of our machines forge ssl certificates mitm filtering of our traffic. i'm not happy this, lot of sensitive work, i'm not going complain.
but i'm noticing don't seem doing consistently. instance, if go facebook on work network, certificate signed zscaler intermediate root ca, means it's been compromised. if go to, say, bank, says it's signed verisign. right in thinking means bank connection has not been intercepted , still end end encrypted?
zscaler allows administrator configure sites/domains/categories or not decrypted inspection. sounds admins have disabled ssl decryption sites in finance category, , traffic bank not being decrypted, whilst traffic facebook is.
as far determining traffic , not being decrypted right - check ssl certificate , if it's signed zscaler certificate traffic being man-in-the-middle'ed. if it's signed other certificate (including verisign/etc) it's not being mitm'ed.
Comments
Post a Comment