My question is if the product can do this (url filtering or blocking for https traffic) without implementing a DNS solution-based approach (OpenDNS as an example). I do not like the DNS based solution as it will not give me the granularity of applying the rules to specific internal IP address/es and endpoints. So this would require either:
1. SSL termination for URL/packet inspection
2. Ponteially reading the server name in part of the SSL handshake
Please sign in to leave a comment.