Comodo Help
Find the desired product help
Comodo Secure Web Gateway

Comodo Secure Web Gateway

Secure Web Gateway Admin Guide

English

Print Help Download Help
Manage Policies > Web Content Policy > Configure SSL Inspection Settings
  • Introduction To Comodo Secure Web Gateway
    • Purchase Licenses
    • Login To The Admin Console
  • The Admin Console
  • The Dashboard
    • Customize The Dashboard
  • Configure Comodo Secure Web Gateway
    • Connect Your Network / Devices To Secure Web Gateway
      • Traffic Forwarding Via Direct Proxy Or PAC
      • Traffic Forwarding Via Proxy Chaining
      • Traffic Forwarding Via Internet Content Adaptation Protocol (ICAP)
      • Traffic Forwarding Via SWG Agent
    • Connect Your Roaming Devices To Comodo Secure Web Gateway
      • View Enrolled Roaming Devices
    • Configure Comodo Secure Web Gateway Messages
    • Configure Domain Name
    • Configure PAC File For Exclusions
    • Configure Data Loss Prevention And View ICAP Service Information
    • Configure Policy Time-Schedules
  • Manage Trusted Networks
  • Manage Policies
    • Security Policy
      • Configure Advanced Threat Protection Settings
      • Configure Containerization Settings
    • Web Content Policy
      • Manage URL Filtering Policies
      • Configure SSL Inspection Settings
      • Manage File Type Control Rules
  • Apply Policies To Networks
  • Administration
    • Configure User Authentication Settings
    • User Management
      • Manage Users
      • Manage User Groups
      • Manage Departments
      • Manage Computers
    • My Profile
  • Reports
    • Custom Reports
    • Scheduled Reports
  • Unknown Threat Statistics
  • About Comodo Security Solutions

Configure SSL Inspection Setting

 

  • Click 'Configuration' > 'Web Content Policy' > 'SSL Inspection' to view this interface.

The 'SSL Inspection' area lets you:

  • Specify whether Comodo Secure Web Gateway (SWG) should check if websites use an SSL certificate from a trusted CA. You can then choose whether to allow or block sites that use an untrusted certificate.
    • Download and install the Comodo SWG certificate. This is required if you want SWG to decrypt, analyze and apply policies to content served by https websites. The certificate should be installed on users' browsers or deployed to networks via Group Policy Object (GPO).
    • Create exceptions to allow trusted domains, IPs and networks.

    Contact Comodo at [email protected] to specify website categories to bypass Comodo Secure Web Gateway filtering engine and allow users to access websites in these categories directly.




    Enable SSL Inspection

      • SSL inspection checks whether a website uses a certificate from a trusted certificate authority (CA).
      • Choose whether you want to allow or block sites which use an untrusted certificate - one that is not from a trusted CA.
      • You must enable this for SWG to monitor HTTPS traffic and apply relevant policies. See 'Certificate for SSL Interception' for help to install the SWG SSL certificate.
      • Click 'Save' for your changes to the page to take effect.

      Bypassed Domains


      Add domains, IPs and networks whose certificates will be not checked by Comodo SWG.

      • Enter the URL of a website, domain, domain name with wildcard, IP or network in CIDR format in the field and click the '+' button. Repeat the process to add more exceptions.




      • To remove a website from the list, click the trash can icon beside it.
      • Click 'Save' for your changes to the page to take effect.


      Certificate for SSL Interception

      • You have to download and install the SWG certificate in order to decrypt and apply policy to HTTPS websites.
      • Once the certificate is installed, SWG can apply all rules to HTTPS sites as it does for non-secure sites.
      • Make sure 'Enable SSL Inspection' is on.
      • Click the 'Download Certificate' button. You can also download the certificate from 'Administration' > 'How to Configure' > 'SSL Interceptions' > 'Download Node Certificate'.

       

      • Installation - click the 'How to page' link and follow the instructions in the 'SSL Interception' tab.
      • Note – You can get Comodo SWG to generate a certificate for you, or you can upload an existing certificate.
      • Go to 'Administration' > 'How to Configure' > 'SSL Interceptions' tab
      • Click 'Generate Certificate' under 'Generate Node Certificate' – This will replace the current SSL certificate in the node.
      • Upload Combined PEM File - To use your own SSL certificate, click 'Browse...' , select the certificate then click 'Upload'.
      • Click 'Download Certificate'. Follow the instructions under 'Browsers' / 'Windows Group Policy'' for help to install the certificate

      Bypassed Categories


      The list of bypassed categories is provided by Comodo. Sites in bypassed categories are not subject to SWG filters and can be freely accessed by end-users. Please contact us at [email protected] if you want to add or remove categories from the list.




      Our Products
      • Free Antivirus
      • Free Internet Security
      • Website Malware Removal
      • Free Anti-Malware
      • Anti-Spam (Free Trial)
      • Windows Antivirus
      • Antivirus for Windows 7
      • Antivirus for Windows 8
      • Antivirus for Windows 10
      • Antivirus for MAC
      • Antivirus for Linux
      • Free Endpoint Security
      • Free ModSecurity
      • Free RMM
      • Free Website Malware Scanner
      • Free Device Manager for Android
      • Free Demo
      • Network Security
      • Endpoint Protection
      • Antivirus for Android
      • Comodo Antivirus
      • Wordpress Security
      Cheap CDN
      • Bootstrap CDN
      • Semantic UI CDN
      • Jquery CDN
      • CDN Plans
      • CDN
      • Free CDN
      Enterprise
      • Patch Management Software
      • Patch Manager
      • Service Desk
      • Website Down
      • Endpoint Protection Solutions
      • Website Security Check
      • Remote Monitoring and Management
      • Website Security
      • Device Manager
      • ITSM
      • CRM
      • MSP
      • Android Device Manager
      • MDR Services
      • EDR Services
      • Ransomware Prevention
      • Managed IT Support Services
      • EDR
      Free SSL Certificate
      Support Partners Terms and Conditions Privacy Policy

      © Comodo Group, Inc. 2023. All rights reserved.