PAN-OS Decryption Port Mirror - Part 1 - Why and How
Okay, so. Decrypting traffic. Something unpopular. Purposely breaking decryption and secrecy. When would we ever want to do that?
Well...for an enterprise, the answer is nearly always. At some point after encryption gained true popularity and adoption for legitimate activity, attackers took note and started using encrypted channels to deliver payloads and communicate with C2 frameworks. To noones surprise, the tools we use everyday to defend data, systems, and networks, are the same ones our adversaries are using to attack us.