2/5/2015 · PAN device can decrypt ssl traffic, though it can’t insert HTTP header X-GoogApps-Allowed-Domains. This means PAN device can’t handle such a case. If you have proxy server, you can do it on the proxy.
Add the HTTP header X-GoogApps-Allowed-Domains: followed by a comma-separated list with allowed domain names. Make sure that the list includes the domain you registered with Google Workspace and…
Understand the custom HTTP headers you will use before you create HTTP Header Insertion Rules for your Palo Alto Networks® firewall.
For example, Palo Alto Networks® provides predefined support for YouTube custom headers that determine whether network users can access restricted content. You should also read the documentation for the SaaS application to which you want to control access so that you understand what headers you need to use for that application.
