Exempting websites from HTTPS inspection


The Sites exempt option under the HTTPS inspection tab enables you to state websites that will not be subjected to inspection as they flow through the cloud Filter. The purpose of exempting websites from HTTPS inspection is mainly for liability purposes as some organizations may require sensitive data over secure websites to not be inspected.


End users can determine that the website they are viewing is not inspected by checking who has issued the certificate for that site. If the certificate was issued by iSheriff Inc., traffic to the site has been inspected.

 

Exemptions for HTTPS Inspection can be configured by logging into the iSheriff Cloud Portal and going to:


Filter Management à Overview à Edit policy à Data Protection à HTTPS Inspection


note.jpg

Note

HTTPS Inspection is a policy base setting so exemptions have to be created per policy assignment.


Click Add Site and state the website needed to be excluded.

 

Click Save at the bottom of the page to make changes permanent




note.jpg

Note

By default the categories Banking, Online Trading and Health are exempted from HTTPS Inspection.