SSL/TLS Decryption

Secure encrypted traffic

Email, e-commerce, voice-over-IP, online banking, file storage and countless other applications and services are secured with Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption. Unfortunately, many security and performance monitoring tools lack the ability to see inside the encrypted sessions. Monitoring application performance and network usage patterns becomes impossible if you cannot determine which applications are running over the network. Even worse, advanced malware increasingly uses SSL/TLS sessions to hide, confident that security tools will neither inspect nor block its traffic. The very technology that makes the Internet secure can become a significant threat vector.

Decrypt once and scale

The Gigamon® Visibility Platform delivers SSL/TLS decryption to inline and out-of-band monitoring and security tools. It helps maximize the efficiency, security and performance of your network infrastructure. Any traffic received on any network port in the cluster of Gigamon visibility nodes can take advantage of SSL/TLS decryption. Additional Flow Mapping® and/or GigaSMART® applications can also be applied to the decrypted traffic. SSL/TLS decryption throughput can be increased by simply adding more modules to the visibility node, allowing inspection capacity to grow as SSL/TLS processing needs increase. The GigaSMART® module is able to selectively decrypt traffic using a variety of parameters, thereby complying with data privacy and compliance policies. Decrypted packets can be sliced to remove irrelevant or private data so that private data is never stored, read, or analyzed. This helps to fulfill regulatory compliance needs and simplify the auditing process.

Benefits of SSL/TLS Decryption

  • Provides automatic visibility into all SSL/TLS encrypted traffic, regardless of TCP port or application
  • Enhances existing security tools by centralizing and offloading SSL decryption and re-encryption
  • Exposes hidden threats, data exfiltration and malware
  • Supports flexible arrangements of inline security tools with automated resiliency against failures
  • Scales performance with additional GigaSMART modules
  • Helps preserve data privacy compliance with policy-based selective decryption
  • Integrates into the Gigamon Visibility Platform allowing multiple GigaSMART applications to work together (e.g. packet slicing, masking, de-duplication, Adaptive Packet Filtering)


Networking Field Day #15

Feature Brief

SSL/TLS Decryption


New Approaches to SSL Decryption Architectures.


Try and Buy

Explore GigaSECURE

GigaSECURE Security Delivery Platform

Enable effective, scalable and resilient network security

Application Session Filtering

Get visibility into entire sessions to properly identify and analyze threats.

Inline Protection

Maximize network uptime and security.

Metadata Generation

Generate unsampled L4 and L7 metadata to identify traffic patterns.