home

Security Service Edge

Mobile Endpoint SecuritySecurity Service Edge
Mobile Endpoint SecuritySecurity Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Show Contents

Security Service Edge

Configure Tenant-Level Default TLS Intercept Settings

Set Tenant-Level Default TLS Action

To enable TLS interception at the tenant level, change the default TLS Action to Inspect & Proxy. You can also define TLS policies to intercept selective traffic and keep the default TLS Action as TLS Bypass. When default TLS Action is TLS Bypass, you must define the TLS policy to intercept the requests to apply the web and application policy.

When the default TLS Action is Inspect & Proxy, all the proxy traffic will be scanned through the phishing protection, DLP scan, and malware scan unless you have defined the TLS policies to bypass the traffic. If the default TLS Action is TLS Bypass, you must define the TLS policies with the action as Inspect & Proxy for phishing protection, DLP scan, and malware scan. In both cases, phishing protection, DLP scan and malware scan cannot work for bypassed traffic.

  1. Select Administration > System Settings.
  2. Click Advanced Configuration from the menu.
  3. Click the Policy Settings tab.
  4. Under TLS Intercept, select one or more options depending on your requirement:
    • Default TLS Action for Internet Access - use this option to select the default TLS action for internet access.

    • Default TLS Action for Enterprise Access - use this option to select the default TLS action for enterprise access.

      This setting is applicable only to unmanaged enterprise applications.

  5. Network Layer Policy settings:

    The Enterprise Access Action is set to Allow & Log by default to allow access to all unmanaged enterprise applications. If required, you can change the default action for Enterprise Access.

    • Allow & Log (Default)

    • Deny

      The selected default action will be applied to Enterprise Applications and not to Internet Access. For Internet Access, the default action is Allow & Log.

  6. Save the setting.

Last updated: November 20, 2024

lookout-footer

Legal Privacy Policy Cookie Policy Transparency Report Compliance Info Compliance Info (Gov)

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.