Tools Challenged by SSL Decryption?

Decrypt and expose malware hiding in encrypted sessions while preserving your security tool performance.

What is SSL Decryption?

SSL Decryption is critical to securing today’s enterprise networks due to the significant growth in applications & services using encrypted traffic. SSL (Secure Sockets Layer) is an industry standard for transmitting secure data over the Internet. It is based on a system of trusted certificates issued by certificate authorities and recognized by servers. In recent years, SSL has evolved to the Transport Layer Security (TLS) standard.

Malware increasingly uses SSL/TLS sessions to hide, confident that security tools will neither inspect nor block its traffic. The very technology that makes the Internet secure can become a significant threat vector.

It is therefore essential to decrypt SSL/TLS traffic while respecting privacy controls. However, decrypting SSL/TLS traffic is extremely compute intensive, so a network security architecture that repeats SSL/TLS decryption in multiple security tools creates a performance bottleneck in each of them.

Decrypt and Inspect

Identify hidden threats in both inbound and outbound encrypted traffic while providing greater resiliency of the security infrastructure with integrated Inline Bypass.

Reduce Security Cost

Increase the ROI of existing security tools by eliminating the overhead of decryption on each security tool, allowing each tool to operate at peak performance.

Simplify Operations

Get the operational simplicity of a single point of decryption policy control and key management vs. replicating them across multiple security tools.

Decrypt Once and Scale Your Security Stack

GigaSMART® SSL/TLS Decryption is a licensed application that enables SecOps, NetOps and Applications teams to obtain complete visibility into SSL/TLS traffic regardless of protocol or application, so that they can monitor application performance, analyze usage patterns and secure their networks against data breaches and threats using encrypted communications. Gigamon supports both inline/MiTM and passive/out-of-band decryption of SSL/TLS, meeting the diverse needs of your organization.

  • SSL/TLS detection on any port or application
  • 10 Mb to 100Gb interface support
  • Decrypt once, share with any tools as many times as you need
  • Strong crypto support including Diffie-Hellman Ephemeral, Elliptic Curves, Poly1305/ChaCha20
  • Powerful controls over certificate validation, extending to Certificate Revocation Lists and Online Certificate Status Protocol (OCSP)
  • Meet privacy and compliance requirements: included support for URL categorization

Benefits of SSL Decryption on Different Architectures

Traditional inline decryption technologies have limitations compared with inline decryption on a Security Delivery Platform. Firewalls and web security gateways decrypt SSL/TLS traffic but often cannot deliver that decrypted traffic to other monitoring and security tools. Likewise, load balancers are good at terminating SSL/TLS traffic and load balancing to servers but lack the ability to distribute this traffic to multiple inline security tools prior to re-encryption. Lastly, these solutions lack the traffic selection controls to forward non-encrypted traffic at line rate and often send all traffic to the decryption engine, creating performance challenges.

Capability | GigaSMART SSL Decryption | Firewall | Load Balancer | Standalone Decryptors
Enhances existing security tools by centralizing and offloading SSL decryption and re-encryption. | Y/N | Y/N | Y/N | Y/N
Exposes hidden threats, data exfiltration and malware. | Y/N | Y/N | Y/N | Y/N
Supports flexible arrangements of inline security tools with automated resiliency against failures. | Y/N | Y/N | Y/N | Y/N
Respects data privacy compliance with policy-based selective decryption. | Y/N | Y/N | Y/N | Y/N
Service chain multiple traffic intelligence applications (e.g. packet slicing, masking, de-duplication, Adaptive Session Filtering). | Y/N | Y/N | Y/N | Y/N

Feature Brief

SSL/TLS Decryption

Scalable, automatic visibility and management of SSL/TLS traffic.

DEPLOYMENT GUIDE

Inline SSL Decryption

Instructions for deploying Inline SSL on GigaVUE-OS within an enterprise network.

INFOGRAPHIC

Encrypted Traffic and Threats are Increasing

Effectively expose hidden threats and malware: create a "decryption zone" to manage SSL/TLS traffic.

Training: SSL Decryption

Learn about Gigamon Inline SSL Decryption from the leader in visibility.

“The performance of the GigaSECURE Security Delivery
Platform has been exceptional. I don’t even know where the
ceiling is because we haven’t even come close to hitting it.
Everything that we’ve wanted to do with the company’s solution,
we’ve been able to do.”

Neil R. “Grifter” Wyler • Network Operations Center Lead • Black Hat
