SSL Decryption & Inspection

Secure Sockets Layer (SSL) or Transport Layer Security (TLS) is an application-level protocol that encrypts traffic on the Internet.

Encrypted traffic has grown from virtually nothing just a few years ago: today it is not uncommon to see 50 to 70 percent of data centre traffic encrypted. While encryption improves security, it also creates new problems. Malicious traffic can be encrypted too, and deep packet inspection (DPI) detection mechanisms are then ineffective because they cannot look inside it.

Organisations therefore need solutions that provide visibility into encrypted traffic. This is typically achieved by providing the private keys and certificates to a decryption device. If decryption is done in the firewall, the traffic behind it in the data centre or campus is unencrypted and therefore vulnerable. Hence, end-to-end encryption is common nowadays, which means that data from a TAP or SPAN port must be decrypted for visibility and monitoring.