Netskope Help

SSL Decryption

SSL decryption policies are applied right after traffic is steered to Netskope. By default, all traffic steered to Netskope will be decrypted, then further analyzed via Real-time Protection policies. In addition, all policies are disabled and you must enable them from the list view. 

If there is any traffic that you would like to leave encrypted, such as anonymous guest traffic and private financial / medical traffic, you can specify them in a SSL Decryption policy. Note that traffic left encrypted will not be further analyzed by Netskope.

Note

SSL decryption on Android is not supported. This traffic is always treated like a policy where SSL is not decrypted. However, SNI-based policies, if any, will apply to this traffic just like any other traffic that is not SSL decrypted.