Educause Security Discussion mailing list archives

Re: paloalto firewall

From: Chris Edwards <chris () ENG GLA AC UK>
Date: Fri, 21 Dec 2007 10:58:25 +0000

As others have said, the device is performing a middle-person attack.  For
this to work you have to install a certificate on all your desktops.

This is easier for some sites than others.  And as Valdis says, those
sites who already have a private SSL PKI setup (in other words a campus
CA certificate already installed in everyone's browser) will not need to
touch the desktops...

Current thread:

Re: paloalto firewall Mike Corcoran (Dec 20)
- <Possible follow-ups>
- Re: paloalto firewall Alex (Dec 20)
- Re: paloalto firewall Jeff Holden (Dec 20)
- Re: paloalto firewall Mark Boolootian (Dec 20)
- Re: paloalto firewall Valdis Kletnieks (Dec 20)
- Re: paloalto firewall Chris Edwards (Dec 21)
- Re: paloalto firewall Jeff Holden (Dec 21)
- Re: paloalto firewall Gene Spafford (Dec 21)