Palo Alto SSL decryption

>> rests on the premise that people using a corporate network agree to having their traffic decrypted for inspection purpose based on the fact that they are using somebody else's equipment and infrastructure for work related purposes as opposed to private personal use, so the onus in that case would be on the user to moderate their behavior against what they know is going to be seen, however when it comes to financial information and other privileged data such as health and medical for instance there are multiple laws governing the ability to decrypt this traffic and in every case I am aware of it is deemed illegal and can not be done, therefore the situation would never arise, that is why the no-decrypt policy is as important as decrypt policy.


>>SSL decryption does mean that the traffic would pass through the firewall in plain text so we control what data gets decrypted to ensure the balance of security for users privacy and security and the company providing the infrastructure to the employee / sanctioned user.