Possible to only Exclude replacing HTTPS certificate from Network Protection

allenwu
allenwu Mr
edited February 7 in Enterprise Security

Hi

We currently try to only replace HTTP certificate for our web DLP solution and remain other encrpyted traffic being intercepted but failed.

We have checked the general settings and noticed that simply just unclick Scan HTTPS doesn't stop replacing the certification but disble the feature only.

Does anyone have faced similar issues and suggest any workaround?

Comments

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭

    Hello.

    Since you need help with business product, @Andrei_S Enterprise (who provides support for business products) could take a look here and help you with the issue.

    Also, you can always contact the Bitdefender business support:

    Regards.

  • Andrei_S Enterprise
    Andrei_S Enterprise Business Support Manager BD Staff

    Hello @allenwu ,

    Please use this article and add an exclusion in the Network Protection: https://www.bitdefender.com/business/support/en/77209-342964-general.html

    If you still needed assistance with adding the exclusion or if your scenario is not resolved please reach out to the Enterprise Support Team and someone will be happy to help you.

    Kind Regards

  • Hi @Andrei_S Enterprise,

    We have seen and did follow the instruction on that article but it doesn't quite fit our scenario. The current setting only allows exceptions on certain websites without stopping replacing the original HTTP certificates to Bitdefender-signed ones.

    This puts us in a paradox: either stop all network protection to enable HTTP DLP traffic inspection or have no content visibility on HTTP traffic at all

    The suggested method from our provider is to disable all network protection features to stop certificate replacement. However, we find it a bit unfortunate that there is no configuration to stop replacing the HTTPS certificate only.

    Therefore, we are reaching out here to see if any other experts share the same concern.

    Regards.

  • Bypassing HTTPS TLS interception alone seems to be possible by disabling Encrypted Web Scan with Support Teams remote assistance according to a comment from the articles below, written in March 3, 2023.

    For other defenders' information, we might try to reach out to Support team for this workaround.

    https://community.bitdefender.com/en/discussion/93304

    https://community.bitdefender.com/en/discussion/95418