How do network security engineers test whether a service uses http/https aside inspecting the certificates from the top left corner of a browser.
The idea is to deny communications to services (internally) that do not have valid ssl certificates.
e.g A user sends a request to access certain IP addresses (services) over a port number (not http or https).
Hi Polz,
If you have any network proxy device with ssl decryption and layer 7 application filtering, you can route the traffic thru the proxy device (For example: Explicit proxy configuration, PAC file, etc…)
And configure a policy that restricts traffic to unencrypted protocols or to non-valid ssl certificates.
It can be done using the Bluecoat ProxySG, Forcepoint Web Security, Palo Alto SSL Forward proxy, and more…