Deep Session Inspection with SSL Inspector

Secure Sockets Layer (SSL)-encrypted communications have enabled a variety of secure, web-based communications, online transactions, and VPN services. SSL has become the dominant client-based encryption protocol and now constitutes a significant and growing percentage of the traffic in the enterprise LAN and WAN, as well as throughout service provider networks.

However, the privacy benefits provided by SSL can quickly be overshadowed by the risks it brings to the enterprise. Network-based threats, such as spam, spyware, and viruses—not to mention phishing, identity theft, data leakage of confidential information, and other forms of cyber crime—have become commonplace. Network security appliances, though, are blind to the payloads of SSL-encrypted communications and cannot inspect these flows, leaving a hole in any enterprise security architecture.

The Fidelis SSL Inspector family of appliances is a transparent SSL proxy that allows organizations to identify threats hidden within SSL encrypted communications with no impact to existing network configurations and performance. Working seamlessly with our flagship network security solution, Fidelis XPS™, the Fidelis SSL Inspector appliances provide organizations with a best-in-class approach to network security. By removing the serious blind spots in network security, content inspection, and threat detection created by SSL, and leveraging the Fidelis XPS Deep Session Inspection® architecture, the combined solution extends the unparalleled visibility and control of Fidelis XPS to the increasingly high volume of encrypted traffic that may be entering and/or leaving the network.

Fidelis SSL Inspector allows Fidelis XPS and its Deep Session Inspection architecture to be deployed with the highest levels of flow analysis and SSL visibility while still maintaining multi-gigabit, line-rate network performance, enabling:

• Network Transparency: Fidelis SSL Inspector can be deployed transparently in the network, and does not require network configuration, IP addressing or topology changes, or modification to client IP and Web browser configurations.

• Application Preservation: Intercepted plaintext is delivered to Fidelis XPS as a regenerated TCP stream with the packet headers as they were received. This allows Fidelis XPS to extend its Deep Session Inspection benefits for both inbound and outbound SSL encrypted traffic.

• Policy Configuration: Fine-grained policy control provides the ability to cut-through non-SSL flows via 7-tuple classification and to control which SSL flows are inspected, passed through or sent to Fidelis XPS for analysis.

• SSL Session Identification: The session log provides details of all SSL flows, inspected or not, allowing suspicious trends or patterns of SSL use to be detected.

• High Availability: Integrated fail-to-wire/fail-to-open hardware, traffic bypass filters and configurable link state monitoring and mirroring for guaranteed network availability and network security.

• Web-based Management: Fidelis SSL Inspector is configured and managed via an SSL-secured web-based graphical user interface, keeping administration simple.

Fidelis SSL Inspector appliances allow Fidelis XPS and its Deep Session Inspection architecture to be deployed with the highest levels of flow analysis and SSL visibility while still maintaining multi-gigabit, line-rate network performance.

The Fidelis SSL Inspector appliances are available in two rack mountable models, the Fidelis SSL Inspector is a 2U 1 Gigabit appliance and the Fidelis SSL Inspector 10G is a 1U 10 Gigabit appliance.

Contact us today to learn more about how Fidelis XPS and Fidelis SSL Inspector can extend your network visibility into and over all network traffic, including SSL-encrypted communications.