Sourcefire SSL Appliance
SSL-encrypted traffic is exploding due to the enterprise-wide usage of cloud computing, secure e-commerce, Web 2.0 applications, email, and VPNs. Surveys show 25-35% of enterprise traffic is SSL-encrypted, and this number is up to 70% for select verticals. If not managed properly, SSL can leave a hole in any enterprise security architecture. Existing approaches to SSL-encrypted traffic range from passing everything to blocking everything. In some cases, companies deploy host-based IPS systems or install proxy SSL solutions, which can effectively inspect SSL but suffer from bottleneck issues and reduced network performance.
Decrypts SSL Traffic at 1Gbps Line Rate
The Sourcefire SSL Appliance decrypts SSL traffic and sends it to existing security and network appliances via dedicated gigabit Ethernet links. This enables existing IPS appliances to identify risks normally hidden by SSL such as regulatory compliance violations, viruses, malware, data loss, and intrusion attempts. Once the SSL traffic has been inspected and approved, the SSL Appliance places the SSL-encrypted traffic back on the network for its final destination—all with minimal latency and without altering SSL packets.
Operates Transparently on Network
The SSL Appliance is deployed as a transparent proxy and detects SSL sessions on all ports, not just the traditional port 443. It can run as a "bump-in-the-wire" and does not require network configuration, IP addressing or topology changes, or modification to client IP and web browser configurations. Further, transparent SSL proxies see all network traffic, not just SSL, and have the ability to cut-through non-SSL flows.
Supports Passive and Inline Configurations
The SSL Appliance supports both passive and inline configurations. When deployed passively, it sends traffic to a Sourcefire IPS also running in passive mode. Passive deployment is most useful for gaining full visibility into network traffic and into which vulnerabilities may be exploited. The SSL Appliance can also be deployed inline as a "bump-in-the-wire" and operate with an IPS running in either passive or inline mode. When both the SSL Appliance and the IPS are deployed inline, they can block malicious exploit traffic. All Sourcefire SSL Appliances ship with fail-open 4-port 1G copper or fiber interfaces.
