03 19 2013 19:10:40 10.128.68.92
Here’s an interesting event we caught this week. In this case, a Juniper Firewall has identified a user accepting an invalid SSL cert. This could be a sign of a man-in-the-middle attack or spoofed website.
The Juniper can be configured to explicitly deny this traffic, but in this case is allowing the traffic and logging the activity. This will add flexibility to your Juniper deployment as you can give your users permission to accept certificates but still audit the activity later.