cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4239
Views
0
Helpful
1
Replies

Cisco IPS and SSL Inspection?

saicuser1
Level 1
Level 1

We have recently purchased a Cisco ASA 5512-X and I'm just curious if there is anyway for the ASA or a 3rd party tool working with the ASA, to monitor Decode/Reencode SSL traffic? Otherwise, anyone can simply access a ssl web site e.g. https://www.youtube.com and bypass the entire IPS?

Regards,

Craig

1 Accepted Solution

Accepted Solutions

It won't work with the IPS because that can't decrypt the traffic. The new "native" way of inspecting SSL-traffic is to use ASA-CX:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-700607_ps12521_Products_Q_and_A_Item.html


Sent from Cisco Technical Support iPad App

View solution in original post

1 Reply 1

It won't work with the IPS because that can't decrypt the traffic. The new "native" way of inspecting SSL-traffic is to use ASA-CX:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-700607_ps12521_Products_Q_and_A_Item.html


Sent from Cisco Technical Support iPad App

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: