cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
692
Views
5
Helpful
5
Replies

IPS support SSL encrypted threat protection

moabdallah
Level 1
Level 1

Does Cisco IPS 4200 series support SSL encrypted threat protection ?

Regards

Mohamed

5 Replies 5

mhellman
Level 7
Level 7

If you mean can the Cisco IPS store SSL private keys and decrypt sessions (for example, SSL sessions to your own web servers)....then no.

I mean inspect the SSL traffic on the network

Regards

Mohamed

For any IPS to decrypt and inspect HTTPS traffic (I assume that's what you are really after) it would have to either:

1) have the necessary private keys ahead of time (like BreachView). For example, this would allow you to inspect traffic to your OWN web servers.

2) operate as a MITM, offering up fake SSL certs to the client. This is how many of the Content Filtering solutions are able to inspect user traffic that is encrypted. This would allow you to inspect user traffic.

Neither of these can be done with the Cisco IPS.

What is the BreachView & MITM ?

Coudl you please send me any document explain this issue ?

I need the Cisco IPS 4255 to decrypt and inspect the SSL traffic

Regards

Mohamed Abdallah

Sorry if this sounds blunt or callous, but perhaps a bit more career development in the information security field is in order. If time is short, I suggest engaging a consultant or consulting firm which specializes in the infosec field to assist you in managing your expectations of a network security system.

MITM is an acronym for Man in the middle. I highly recommend a bit of GBT (Google Based Trainig). Here's a freebie.

http://en.wikipedia.org/wiki/Man_in_the_middle

You can read about Breach Security Inc. products here.

http://www.breach.com/products_breachviewssl.asp

Another free tip, be mindful of the privacy issues if you go down this path.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: