Tools Challenged by SSL Decryption?

Decrypt SSL traffic and expose malware hiding in encrypted sessions while maintaining your security tool performance.

The arrival of the digital age and the almost total ubiquity of the internet has revolutionized the way people shop. Where once brick-and-mortar shops dominated the retail market, ecommerce is now offering greater selection at greater convenience by bringing purchasing power to online space. And traditional customers aren’t the only ones who are taking notice. B2B as well as B2C industries are working hard to establish an effective online presence. But to do that, they need to demonstrate the ability to protect sensitive customer information.

And that’s where SSL decryption comes in.

What is SSL Decryption?

To protect that vital data, businesses and other organizations implement Secure Socket Layers (SSL). SSL creates a secure channel between users’ computers or other devices as they exchange information over the internet. SSL is an industry standard, and is based on a system of trusted certificates issued by certificate authorities and recognized by servers. In recent years, SSL has evolved to the Transport Layer Security (TLS) standard.

The decryption of SSL/TLS traffic acts as a proxy for applications and client browsers. However, it is extremely computationally intensive and introduces latency, so the best architecture minimizes the decryption required to inspect all relevant traffic while offering legal and privacy controls. The centralized approach offered by Gigamon provides such an architecture.

Decrypt and Inspect

Identify hidden threats in both inbound and outbound encrypted traffic while providing greater resiliency of the security infrastructure with integrated Inline Bypass.

Reduce Security Cost

Increase the ROI of existing security tools by eliminating the overhead of decryption on each security tool, allowing each tool to operate at peak performance.

Simplify Operations

Get the operational simplicity of a single point of decryption policy control and key management vs. replicating them across multiple security tools.

Decrypt Once and Scale Your Security Stack

SSL Decryption is critical to securing today’s enterprise networks due to the significant growth in applications and services using encrypted traffic. Malware increasingly uses SSL/TLS sessions to hide, confident that security tools will neither inspect nor block its traffic. When that happens, SSL/TLS sessions can become a liability, inadvertently camouflaging malicious traffic. In other words, the very technology that makes the Internet secure can become a significant threat vector.

Enabling SSL decryption uses the root certificate on client machines, acting as Certificate Authority for SSL requests. This makes it possible to decrypt, inspect and then re-encrypt SSL traffic before sending it off to its destination. This helps ensure that only authorized traffic is entering the network, and that malware hidden in SSL/TLS sessions is exposed and dealt with.

GigaSMART® SSL/TLS Decryption

GigaSMART® SSL/TLS Decryption is a licensed application that enables SecOps, NetOps and Applications teams to obtain complete visibility into SSL/TLS traffic regardless protocol or application, so that they can monitor application performance, analyze usage patterns and secure their networks against data breaches and threats using encrypted communications.  Gigamon supports both inline/Man in the middle and passive/out-of-band decryption of SSL/TLS, meeting the diverse needs of your organization.

  • SSL/TLS detection on any port or application
  • 10 Mb to 100Gb interface support
  • Decrypt once, share with any tools as many times as you need
  • Strong crypto support including Diffie-Hellman Ephemeral, Elliptic Curves, Poly1305/ChaCha20
  • Power controls over certificate validation, extending Certificate Revocation Lists and Online Certificate Status Protocol (OCSP)
  • Meet privacy and compliance requirements: included support for URL categorization

Benefits of SSL Decryption on Different Architectures

Traditional inline decryption technologies have limitations over inline decryption on a Security Delivery Platform. Firewalls and web security gateways decrypt SSL/TLS traffic but often cannot deliver that decrypted traffic to other monitoring and security tools. Likewise, load balancers are good at terminating SSL/TLS traffic and load balancing to servers but lack the ability to distribute this traffic to multiple inline security tools prior to re-encryption. Lastly, these solutions lack the traffic selection controls to forward non-encrypted traffic at line rate and often send all traffic to the decryption engine, creating performance challenges.

capacity GigaSMART SSL Decryption Firewall Load Balancer Standalone Decryptors
Enhances existing security tools by centralizing and offloading SSL decryption and re-encryption. Y/N Y/N Y/N Y/N
Exposes hidden threats, data exfiltration and malware. Y/N Y/N Y/N Y/N
Supports flexible arrangements of inline security tools with automated resiliency against failures. Y/N Y/N Y/N Y/N
Respect data privacy compliance with policy-based selective decryption. Y/N Y/N Y/N Y/N
Service chain multiple traffic intelligence applications (e.g. packet slicing, masking, de-duplication, Adaptive Session Filtering). Y/N Y/N Y/N Y/N

EBOOK

Encrypted Threats are Lurking in Your Traffic

Accelerate detection and response with SSL/TLS decryption.

FEATURE BRIEF

SSL/TLS Decryption

Scalable, automatic visibility and management of SSL/TLS traffic.

DEPLOYMENT GUIDE

Inline SSL Decryption

Instructions for deploying Inline SSL on GigaVUE-OS within an enterprise network.

Beacon Health Options Protects Patient Data with SSL Decryption

Training: SSL Decryption

Learn about Gigamon Inline SSL Decryption from the leader in visibility.

Man looking at a phone

See what your peers are talking about in the Gigamon Community

Learn more about SSL Decryption and connect with other Gigamon users to ask questions, share use cases and deployment examples.
 

Have Questions?

We're here to help you find the right decryption solution for your business.

Related Pages

GigaSECURE Security Delivery Platform

CORE SOLUTION

GigaSECURE®

Route the right traffic to the right tools.

Inline Bypass

TRAFFIC INTELLIGENCE

Inline Bypass

Reduce network downtime in the face of threats.

 

GigaSMART

TRAFFIC INTELLIGENCE

GigaSMART®

Optimize traffic sent to your tools.

Security

USE CASE

Security

Cybercriminals are always trying something new. Are you?