https scanning through IPS

Is it possible to scan all the HTTPS traffic passing through the AIP module installed on the ASA (inbound and outbound)?

3 REPLIES

Re: https scanning through IPS

Hi,

You can inspect the HTTPS traffic passing through the IPS module on the ASA.

But you need to know that since HTTPS is encrypted, the IPS will not be able to "read" the contents of the packet.

So, you can monitor the behavior of the HTTPS traffic, and so on, but you cannot decrypt and obtain the original content (data) of the packets.

Federico.

Re: https scanning through IPS

Is there any formal documentation from Cisco on this that I can present to the customer?

Re: https scanning through IPS

I'm not sure that I've seen a document.

It's the same with any cryptographic protocol (HTTPS, SSH, ISAKMP, SFTP, etc.)

Anything that goes encrypted can't be "read", since you would have to be able to decrypt it prior to sending the traffic to the IPS for scanning.

Federico.
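
As an added illustration of the replies above (not part of the original thread and not Cisco code): a passive sensor walking a TLS stream can read the record headers and the ClientHello server name, while application-data bodies remain opaque bytes. The sample stream is constructed, and the names `parse_sni`, `visible_metadata` and `sample_stream` are hypothetical.

```python
import os
import struct

TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}

def parse_sni(hello: bytes):
    """Return the server_name in a ClientHello, or None if absent/malformed."""
    try:
        if hello[0] != 1:                      # 1 = client_hello
            return None
        p = 4 + 2 + 32                         # handshake header, version, random
        p += 1 + hello[p]                      # session_id
        p += 2 + struct.unpack_from("!H", hello, p)[0]   # cipher_suites
        p += 1 + hello[p]                      # compression_methods
        end = p + 2 + struct.unpack_from("!H", hello, p)[0]
        p += 2
        while p + 4 <= end:
            ext_type, ext_len = struct.unpack_from("!HH", hello, p)
            if ext_type == 0:                  # server_name extension
                n = struct.unpack_from("!H", hello, p + 7)[0]
                return hello[p + 9:p + 9 + n].decode("ascii")
            p += 4 + ext_len
    except (IndexError, struct.error, UnicodeDecodeError):
        pass
    return None

def visible_metadata(stream: bytes):
    """Walk TLS records and return only what a sensor without keys can observe."""
    out, p = [], 0
    while p + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, p)
        rec = {"type": TYPES.get(ctype, "unknown"), "length": length}
        if ctype == 22:                        # handshake is sent in the clear
            rec["sni"] = parse_sni(stream[p + 5:p + 5 + length])
        out.append(rec)                        # application_data body stays opaque
        p += 5 + length
    return out

def sample_stream(host=b"example.com"):
    """Constructed sample: a minimal ClientHello plus one encrypted record."""
    sni = struct.pack("!HBH", len(host) + 3, 0, len(host)) + host
    ext = struct.pack("!HH", 0, len(sni)) + sni
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(ext)) + ext)
    hello = b"\x01" + len(body).to_bytes(3, "big") + body
    return (b"\x16\x03\x01" + struct.pack("!H", len(hello)) + hello
            + b"\x17\x03\x03" + struct.pack("!H", 64) + os.urandom(64))

if __name__ == "__main__":
    print(visible_metadata(sample_stream()))
```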
