Users connect to a server in the data center for file sharing. The organization wants to decrypt the traffic to this server in order to scan the files being uploaded and downloaded to determine if malware or sensitive data is being moved by users.
Which proxy should be used to decrypt this traffic?
To decrypt traffic for the purpose of scanning files for malware or sensitive data as they are uploaded and downloaded to and from a server, the correct approach would be to use an SSL Forward Proxy. SSL Forward Proxy effectively intercepts and decrypts outbound SSL traffic from users to the server, allowing the organization to inspect the content before it's forwarded on to the server. This is essential for inspecting encrypted traffic to detect any potential threats or sensitive data transfers.
SSL Inbound Proxy ecryption mode can only work if you have control on the targeted Web Server certificate to be allow to import Key Pair on Palo Alto Networks Device. That's why this decryption mode is often use to decrypt SSL inbound traffic to Internal Web Server. Since in the question they talk about IN THE DATA CENTER, it needs to be this one. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClV8CAK
Choosing "B" although SSL Inbound INSPECTION is not a proxy.
Since it's referring to internal users and SC-CAN do not enforce security, it would be SSL outbound proxy, that hits the users connecting from remote networks or as Mobile Users.
The real answer is "SSL Forward Proxy" on the Mobile User policy, for two reasons. 1) SSL Inbound Proxy is not a real thing. It is SSL Inbound Inspection, and it does not PROXY any connections; the client connects directly to the server and there is no man-in-the-middle proxy from the firewall. 2) The question mentions "DC/datacenter" and with Prisma Access you will have these deployed as Service Connections 99% of the time. Service Connections do not support policies like decryption, nat, and security.
D. SSL Forward Proxy. SSL inbound proxy isnt a thing... it's SSL inbound inspection.