Please find information below for connectivity issues and/or seeing live thumbnails. 


IMPORTANT:


Please allow access to any and all Senso.cloud related addresses and make sure to exclude them from filtering and SSL packet inspection for any connection (authenticated/unauthenticated). 


Refer to the main FIREWALL article for specific URL chart. 


First, let's talk about what SSL/TLS or HTTPS interception is. 


It is the process of intercepting the SSL/TLS or encrypted internet communications between a client and a server. 

      

For Senso software to work correctly, any packet information associated with our URLS CANNOT be 

inspected by SSL/TLS or it will break the connection, leading to devices not appearing online in the Senso Portal or not showing in Thumbnail view.


In addition, the recommendation for Chromebooks is also to not have TLS interception turned on https://support.google.com/chrome/a/answer/3504942?hl=en&ref_topic=3504941 


Please find links below to more information about making these changes to Firewalls/Filters. 


If you don't see your specific information below, please refer to the technical documentation included for your appliance setup.


Cisco Umbrella:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/getting_started_with_ssl_rules.html#ID-2254-000002c5 


https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/url_filtering.html#concept_292D0D26F9414181910DCC3265D95E91 


Barracuda:

https://campus.barracuda.com/product/websecuritygateway/doc/49743542/how-to-configure-ssl-inspection-version-10-and-11


Forcepoint:

https://www.websense.com/content/support/library/web/hosted/admin_guide/ssl_bypass.aspx 


Fortigate:

https://help.fortinet.com/fos50hlp/52data/Content/FortiOS/fortigate-firewall-52/Security%20Policies/SSL%20-%20SSH%20Inspection.htm 


https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-security-profiles/SSL_SSH_Inspection/ssl_ssh_inspection_intro.htm 


iBoss:

https://www.ct.gov/cen/lib/cen/ibossswgv7.pdf   (Page 38)


LightSpeed: 


http://community.lightspeedsystems.com/documentation/web-filter3/administration/proxy-server/ssl-decryption-exemptions/ 


http://community.lightspeedsystems.com/documentation/web-filter3/administration/authentication/domain-exemptions/ 


Palo Alto:

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion.html#


Smoothwall:

https://help.smoothwall.net/Glamis/Content/modules/guardian3/cgi-bin/guardian/filteringpolicywiz.htm 


https://kb.smoothwall.com/hc/en-us/articles/360002031930-Allowing-a-Blocked-Website 


Sonicwall:

http://help.sonicwall.com/help/sw/eng/9530/26/2/3/content/PANEL_scSslCtrlCustomLists.htm


Sophos:

https://community.sophos.com/kb/en-us/123178 

If your network is set up to allow authentication of websites, please refer to this article:

https://community.sophos.com/kb/en-us/123113