Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
792
Views
0
Helpful
3
Replies

how can the IPS inspect the encrypted packets?

hanyawad
Level 1
Level 1

‎05-24-2010 03:27 AM - edited ‎03-10-2019 05:00 AM

dear experts, hello

i'd like to ask a question about how the IPS can inspect and prevent any atteck in the encrypted packets in some sessions

such as vpn or ssh sessions, is there a technique helping for

that in the IPS?

thanks alot for your help

labib makar

Labels:
0 Helpful
3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

‎05-24-2010 04:39 AM

No, unfortunately you can't inspect encrypted traffic on IPS. Not supported.

0 Helpful

hanyawad
Level 1
Level 1
In response to Jennifer Halim

‎05-24-2010 06:20 AM

so how can we protect the network from the attakes that come in the vpn tunnelling or ssh channel, for example?

thanks for your reply

labib

0 Helpful

Scott Fringer
Cisco Employee
Cisco Employee
In response to hanyawad

‎05-24-2010 06:26 AM

Labib;

  For traffic exiting a VPN tunnel, you can place the IPS sensor behind the VPN termination point so it has access to the unencrypted traffic.

  There is not an option to inspect SSL encrypted traffic; you would need to rely on a host-based system such as Cisco Security Agent to assist in providing such protection.

Scott

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card