Rulesets contain the rules and policies that control how an SSL Appliance handles SSL traffic. This document provides the steps to configure a basic ruleset on an SSL Appliance.
Steps to Follow
To configure a ruleset on an SSL Appliance, follow the steps below:
1. Navigate to Policies > Rulesets.
2. Select the green plus (+) sign to add a new Ruleset.
3. Name the Ruleset and select OK.
4. From the Rules section, select the green plus (+) sign for Rules to insert new rules into the Ruleset you just created. If you have multiple Rulesets, you may have to click the Ruleset name before adding or modifying rules.
A typical Ruleset includes, but is not limited to, the following rules:
- One or more rules that specify inspection using a known key/cert for traffic going to internal SSL servers whose key/cert you can obtain.
- If any internal servers use client certificates, one or more rules that match sessions to these servers and cut the traffic through.
- If there are external servers that you know use client certificates, or whose traffic you do not want to inspect, one or more rules that cause traffic to these servers to be cut through.
- Finally, you might have a default action that says to inspect all SSL sessions using certificate re-sign.
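
The ruleset layout described above can be sanity-checked on paper before it is entered in the UI. The following planning sketch is an added example, not code from the appliance or its vendor. The rule names, addresses and action labels are constructed, and matching on destination network alone is an assumption. It makes no assumption about how the appliance resolves overlapping rules; it only flags destinations where an inspect rule and a cut-through rule would both apply.

```python
import ipaddress
from dataclasses import dataclass

# Action labels are constructed for this sketch; they mirror the three
# behaviours named in the list above, not the appliance's own identifiers.
KNOWN_KEY = "inspect-known-key"
CUT_THROUGH = "cut-through"
RESIGN = "inspect-resign"

@dataclass(frozen=True)
class Rule:
    name: str
    dest: str      # destination network in CIDR form (assumed match field)
    action: str

# Constructed sample plan using private and documentation address ranges.
PLAN = [
    Rule("internal web farm (key/cert held)", "10.10.20.0/24", KNOWN_KEY),
    Rule("internal client-cert servers", "10.10.30.0/28", CUT_THROUGH),
    Rule("external client-cert partner", "203.0.113.16/29", CUT_THROUGH),
]
DEFAULT_ACTION = RESIGN

def matching(plan, dest_ip):
    """Rules whose destination network contains dest_ip."""
    ip = ipaddress.ip_address(dest_ip)
    return [r for r in plan if ip in ipaddress.ip_network(r.dest)]

def decide(plan, dest_ip, default=DEFAULT_ACTION):
    """Return the planned action, or 'AMBIGUOUS' when matching rules disagree."""
    actions = {r.action for r in matching(plan, dest_ip)}
    if not actions:
        return default          # no rule matched: the default action applies
    return actions.pop() if len(actions) == 1 else "AMBIGUOUS"

def conflicts(plan):
    """Pairs of rules whose destinations overlap but whose actions differ."""
    out = []
    for i, a in enumerate(plan):
        for b in plan[i + 1:]:
            if a.action != b.action and ipaddress.ip_network(a.dest).overlaps(
                    ipaddress.ip_network(b.dest)):
                out.append((a.name, b.name))
    return out

if __name__ == "__main__":
    for ip in ("10.10.20.7", "10.10.30.5", "203.0.113.18", "198.51.100.9"):
        print(ip, "->", decide(PLAN, ip))
    print("conflicts:", conflicts(PLAN))
```

Any pair reported by `conflicts` should be resolved in the plan, for example by narrowing one rule's destination, before the rules are created on the appliance.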