In 2015 changes were been made by Yahoo and Google in the way it retrieves search results. The search engines started diverting users to their HTTPS site, rather than the HTTP site that it previously used. The effect of this change compromised eSafety for HICS and along with other ISPs we had to carry out some changes to make sure the safety features continued to be available and SSL inspection was deployed.
SSL inspection, commonly referred to as ‘man in the middle’ has the capability to decrypt the HTTPS session allowing us to apply the necessary safety features. This technology can intercept all HTTPS traffic. With this in mind, HICS has a ‘white list’ detailing which websites to decrypt so as data is only intercepted where necessary. For example, even though this technology has the capabilities to decrypt online banking websites, we will leave banking websites from the list of websites that have this technology deployed.
Although there are workarounds if schools wish not to deploy this, it is highly recommended that the schools use SSL inspection. For this to work, you must deploy the RM SafetyNet SSL certificate to your network computers and any standalone devices. Instructions on how to do this can be found here: www.rm.com/products/online-safety-tools/rm-safetynet/google-ssl
Please note the websites that currently have SSL inspection deployed are: Google, Yahoo, YouTube and AOL