SSL/TLS DecryptionProfitap NPB feature deep dive
SSL encryption is an essential factor in keeping network communications secure. However, while SSL encryption has proven its value, the encrypted data also results in blind spots for security appliances. Organizations must decrypt and analyze SSL traffic to ensure that it is not used as a conduit for hackers to transport and distribute malware.
The X3-Series supports in-line and passive SSL/TLS traffic decryption. The TLS decryption feature reduces blindspots that exist with encrypted traffic. X3-Series network packet brokers support passive decryption of TLS 1.2 and below. TLS 1.3 in-line decryption is done via a proxy. Decrypted traffic can be sent to an out-of-band security or analysis appliance.
After the monitoring data has been decrypted, it can be forwarded to network monitoring tools like IPS, IDS, protocol analyzers, SIEMs tools, etc. This reduces the load on these tools, allowing them to maximize their speed and capacity and the applications they run, such as sandboxes and IPS.
XX-Series Network Traffic Aggregators
A Network Traffic Aggregator is an entry level Network Packet Broker (NPB) that optimizes traffic flow between TAP and SPAN connections and network monitoring, and security tools.
X2 & X3 Network Packet Brokers
A Network Packet Broker (NPB) is a device that optimizes traffic with a set of advanced traffic management features, such as Packet Slicing, SSL/TLS Decryption, Data Masking, GTP IP Filtering, Timestamping, Packet Deduplication, and more.
Free consultation with a Profitap engineer
Questions about advanced packet broker features? We’re here to help. Fill in the form below for a free consultation with a Profitap Systems Engineer.