You can create three types of decryption action profiles in TLS Inspection. This topic describes the profiles and how to use them.

The decryption action profiles are:
  • Bypass decryption profiles - This profile is used to bypass the decryption of traffic destined for specific categories of websites, for compliance and privacy reasons. For example, healthcare and financial websites. A default bypass profile named default-bypass-highfidelity-profile is provided by default. This profile cannot be changed.
  • External decryption profiles - These profiles are for TLS connections destined to a service not owned by the Enterprise. For example, http://merriam-webster.com. In general, Internet websites.
  • Internal decryption profiles - These profiles are for TLS connections destined to a service owned by the Enterprise itself. For example, http://www.corp.internal.com.