Tools Challenged by SSL Decryption?

Decrypt and expose malware hiding in encrypted sessions while preserving your security tool performance.

What is SSL Decryption?

SSL Decryption is critical to securing today’s enterprise networks due to the significant growth in applications & services using encrypted traffic. SSL (Secure Sockets Layer) is an industry standard for transmitting secure data over the Internet. It is based on a system of trusted certificates issued by certificate authorities and recognized by servers. In recent years, SSL has evolved to the Transport Layer Security (TLS) standard.

Malware increasingly uses SSL/TLS sessions to hide, confident that security tools will neither inspect nor block its traffic. The very technology that makes the Internet secure can become a significant threat vector.

The decryption of SSL/TLS traffic is extremely computationally intensive and introduces latency so the best architecture minimizes the decryption required to inspect all relevant traffic while offering legal and privacy controls. The centralized approach offered by Gigamon provides such an architecture.

Decrypt and Inspect

Identify hidden threats in both inbound and outbound encrypted traffic while providing greater resiliency of the security infrastructure with integrated Inline Bypass.

Reduce Security Cost

Increase the ROI of existing security tools by eliminating the overhead of decryption on each security tool, allowing each tool to operate at peak performance.

Simplify Operations

Get the operational simplicity of a single point of decryption policy control and key management vs. replicating them across multiple security tools.

Decrypt Once and Scale Your Security Stack

GigaSMART® SSL/TLS Decryption is a licensed application that enables SecOps, NetOps and Applications teams to obtain complete visibility into SSL/TLS traffic regardless protocol or application, so that they can monitor application performance, analyze usage patterns and secure their networks against data breaches and threats using encrypted communications.  Gigamon supports both inline/MiTM and passive/out-of-band decryption of SSL/TLS, meeting the diverse needs of your organization.

  • SSL/TLS detection on any port or application
  • 10 Mb to 100Gb interface support
  • Decrypt once, share with any tools as many times as you need
  • Strong crypto support including Diffie-Hellman Ephemeral, Elliptic Curves, Poly1305/ChaCha20
  • Power controls over certificate validation, extending Certificate Revocation Lists and Online Certificate Status Protocol (OCSP)
  • Meet privacy and compliance requirements: included support for URL categorization

Benefits of SSL Decryption on Different Architectures

Traditional inline decryption technologies have limitations over inline decryption on a Security Delivery Platform. Firewalls and web security gateways decrypt SSL/TLS traffic but often cannot deliver that decrypted traffic to other monitoring and security tools. Likewise, load balancers are good at terminating SSL/TLS traffic and load balancing to servers but lack the ability to distribute this traffic to multiple inline security tools prior to re-encryption. Lastly, these solutions lack the traffic selection controls to forward non-encrypted traffic at line rate and often send all traffic to the decryption engine, creating performance challenges.

capacity GigaSMART SSL Decryption Firewall Load Balancer Standalone Decryptors
Enhances existing security tools by centralizing and offloading SSL decryption and re-encryption. Y/N Y/N Y/N Y/N
Exposes hidden threats, data exfiltration and malware. Y/N Y/N Y/N Y/N
Supports flexible arrangements of inline security tools with automated resiliency against failures. Y/N Y/N Y/N Y/N
Respect data privacy compliance with policy-based selective decryption. Y/N Y/N Y/N Y/N
Service chain multiple traffic intelligence applications (e.g. packet slicing, masking, de-duplication, Adaptive Session Filtering). Y/N Y/N Y/N Y/N


Encrypted Threats are Lurking in Your Traffic

Accelerate detection and response with SSL/TLS decryption.


SSL/TLS Decryption

Scalable, automatic visibility and management of SSL/TLS traffic.


Inline SSL Decryption

Instructions for deploying Inline SSL on GigaVUE-OS within an enterprise network.

Beacon Health Options Protects Patient Data with SSL Decryption

Training: SSL Decryption

Learn about Gigamon Inline SSL Decryption from the leader in visibility.

Man looking at a phone

Have Questions?

We're here to help you find the right decryption solution for your business.

Related Pages

GigaSECURE Security Delivery Platform



Route the right traffic to the right tools.

Inline Bypass


Inline Bypass

Reduce network downtime in the face of threats.





Optimize traffic sent to your tools.




Cybercriminals are always trying something new. Are you?