With the volume of encrypted traffic on the rise, including adoption of the latest TLS 1.3 protocol, network security teams need efficient decryption capabilities. Decrypting select TLS/SSL traffic allows inspection by security and monitoring tools while maintaining overall data security. Employing intelligent decryption underpins a Zero Trust architecture by validating that encrypted traffic complies with your security policies.
GigaSMART® TLS/SSL Decryption brings deep observability to encrypted traffic. This licensed application enables SecOps, NetOps, and applications teams to:
Streamline and boost the effectiveness of your security and monitoring tools by delegating resource-intensive decryption tasks.
Leverage Existing Tools
Allow inspection by security and monitoring tools while maintaining overall data and security posture.
Maintain Data Encryption
Enable decrypted data to be re-encrypted before sending it to its intended destination.
Reinforce Zero Trust
Validate encrypted traffic to reinforce Zero Trust architectures and enforce security policies.
GigaSMART TLS/SSL Decryption excels in centralizing and offloading TLS/SSL decryption and re-encryption tasks, even accommodating TLS 1.3, thereby enhancing the effectiveness of your security tools and mitigating performance challenges. Integration into your hybrid cloud infrastructure ensures deep observability across architectures, allowing authorized traffic while exposing potential TLS/SSL-encased malware, thereby reinforcing overall network security. GigaSMART TLS/SSL Decryption supports both inline (break and inspect) and passive (out-of-band) modes.
Flexible Deployment Options
Enable TLS/SSL detection on any port or application, with 10 Mb up to 100 Gb interface support. Decrypt once, feed as many tools as required.
Future-Proof Scalability
Protect tool performance and scale as needed. Support easy tool maintenance, updates, and upgrades.
Integration Options
Integrate smoothly with the Venafi TPP™ and Entrust nCipher™ to centralize key management and validation. Address diverse needs by supporting inline or out-of-band decryption. Enable automatic TLS/SSL detection on any port.
To protect vital data, enterprises and other organizations implement Transport Layer Security (TLS), still commonly referred to by the name of its superseded predecessor, Secure Sockets Layer (SSL), to encrypt data as it is exchanged over IP networks. But what is SSL decryption and how does it work? SSL/TLS creates a secure channel between the server and the end user's computer or other device as they exchange information over the internet, across different browsers.
TLS is an industry standard based on a system of trusted rules and certificates issued by certificate authorities and recognized by servers. SSL was replaced by the TLS standard in 2015. In 2018, TLS 1.3 was standardized; it mandates the use of perfect forward secrecy for maximum security. About 20 percent of corporate internet traffic is now on TLS 1.3.[3]
While protecting data, encryption also blinds network security and application monitoring tools. Decrypting TLS/SSL traffic is crucial for these tools. However, decryption is extremely computationally intensive and can introduce network latency.
The best architecture minimizes the decryption required to inspect all relevant and active traffic while offering legal and privacy controls. The centralized approach to SSL decrypting offered by Gigamon — decrypt once and feed all tools — provides such an architecture.
“Before Gigamon, we had out-of-band SSL decryption everywhere, and we were decrypting about 65 percent of traffic on average. Now, with the GigaSMART SSL decryption engine, we typically get well over 90 percent visibility in the encrypted traffic.”
“Gigamon is traditionally thought of as a network efficiency platform, but the underlying technology has radical implications in cybersecurity as well. Visibility of encrypted packets is more of a must-have than a like-to-have, and intelligent traffic handling is a requisite in optimizing bandwidth and reducing storage costs.”
"It's a set it and forget it type of appliance, I love the deduplication features, SSL Decryption, and multiple cloud virtual tap functionality! So this is a very hybrid solution!"