On-box SSL Decryption for ASA Servers: Cisco’s next-generation firewall (NGFW), Cisco ASA with FirePOWER Services, now has the ability to locally manage SSL communications and decrypt the traffic through ASDM before performing attack, application, and malware detection against it.
Created On 06/03/20 21:47 PM - Last Updated 08/10/20 19:34 PM
- The Sourcefire SSL Appliance can decrypt and re-encrypt SSL traffic, allowing unimpeded security inspection that scales in concert with your network performance requirements.
- The selected SSL sessions are now decrypted.
- Decrypting SSL traffic using the SSL::sessionsecret iRules command (SSL session cache disabled): You can decrypt SSL traffic using the SSL::sessionsecret iRules command in the event that the SSL session cache feature is disabled in the SSL profile. To do so, perform the following steps.
- The Sourcefire SSL Appliance decrypts SSL traffic and sends it to existing security and network appliances via dedicated gigabit Ethernet links. This enables existing IPS appliances to identify risks normally hidden by SSL such as regulatory compliance violations, viruses, malware, data loss, and intrusion attempts.
Question
What is SSL Decryption?
Environment
PAN-OS
Next Generation Firewall
Answer
- Without SSL Decryption: A firewall admin has no access to the information inside of an encrypted SSL packet, masking all of the activity.
- With SSL Decryption: If the data is sourced from within the network, there will be visibility into the SSL packet to find hidden applications and threats inside SSL traffic.
Additional Information
Looking for a deeper dive? Please read White Paper - Decryption: Why, Where, and How
For a list of valuable resources on understanding and configuring SSL Decryption, see SSL Decryption Resource List on Configuring and Troubleshooting
For implementing and testing SSL Decryption, see How to Implement and Test SSL Decryption
Additional information about SSL Decryption and Best Practices: Decryption Best Practices
For additional information on new SSL Decryption features, please review this blog on LIVEcommunity.