An engineer configures SSL decryption in order to have more visibility to the internal users’ traffic when it is egressing the firewall.
Which three types of interfaces support SSL Forward Proxy? (Choose three.)
An engineer configures SSL decryption in order to have more visibility to the internal users’ traffic when it is egressing the firewall.
Which three types of interfaces support SSL Forward Proxy? (Choose three.)
SSL Forward Proxy can be configured on interfaces in Virtual Wire, Layer 2, or Layer 3 modes. These modes allow for traffic visibility and inspection when internal user traffic is egressing the firewall. High Availability (HA) and Tap interfaces are not suitable for SSL Forward Proxy as they serve different purposes, such as failover and passive monitoring respectively.
Answer BCE: PAN-OS can decrypt and inspect SSL inbound and outbound connections going through the firewall. SSL decryption can occur on interfaces in virtual wire, Layer 2 or Layer 3 mode https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClmyCAC
BCE is the way
B, C and E correct
virtual wire, Layer 2 or Layer 3 mode