In message <[email protected]>, Saso Kiselkov writes: >Minor side-note, unless the proxy is trying to brutally MITM the session >(forged certificates and all), then there's absolutely no way for it to >know if a particular TLS session is carrying HTTPS traffic or something >else (short of doing some kind of statistical analysis of the traffic >flow, that is).
I believe Palo Alto Network's product combines statefull firewall and application proxy inspection. <URL:https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/tech-briefs/paloaltonetworks-vs-proxy.pdf> John [email protected] _______________________________________________ OmniOS-discuss mailing list [email protected] http://lists.omniti.com/mailman/listinfo/omnios-discuss
