The world of internet traffic is ever-changing. More and more companies are increasing security for their clients, which is counterproductive to what this appliance is supposed to be doing. The devices in question, the Thunder SSLi's, are decryption appliances, among other things. They do things other than decryption but what we bought them for was decryption. They sit in-line in the network, in the middle of the traffic, between servers and the clients, and they decrypt the encrypted traffic and send it to a specific location for processing. The traffic is then sent back and re-encrypted. This way, the user, who was going to some dot-com site, won't know that the website was intercepted, decrypted, looked at, and then cleared for delivery. This helps a lot in trying to identify sites that have malware because, if you can't see the traffic, you don't know what's inside of it.
* SSL encryption * SSL decryption * Traffic inspection * Content inspection We also have the Thunder SSLi Harmony Controller, which is used for encrypted attacks and inspecting encrypted traffic. Our primary mission is to ensure students are safe. This is a key component in making sure the safety of our students, client family, and the people who work within our district's boundaries. We use the most up-to-date version, as we keep our firmware updated. We are using its on-premise hardware.
We're using it for our SSL operation. A10 has a "sandwich model." There are two boxes, one of them is on our internal network and the other one is on our external network which is just in front of the internet router. The first box decrypts SSL traffic, HTTPS traffic, and the other box, in front of the router, encrypts again. Between these two boxes, all the HTTPS traffic is clear text, and all the devices between the two A10 devices see all the clear text which means they can intercept all the traps or all the applications. We have a firewall, proxies, IPS, and some network deep-packet inspection devices all between two SSLi boxes so they can see the clear text traffic. They can intercept all traffic without decrypting and encrypting. The traffic is all ready for them. We use it on-prem.
SSL encrypted traffic is growing, rendering most security devices ineffective.Gain visibility into encrypted traffic with SSL Insight and stop potential threats.
The world of internet traffic is ever-changing. More and more companies are increasing security for their clients, which is counterproductive to what this appliance is supposed to be doing. The devices in question, the Thunder SSLi's, are decryption appliances, among other things. They do things other than decryption but what we bought them for was decryption. They sit in-line in the network, in the middle of the traffic, between servers and the clients, and they decrypt the encrypted traffic and send it to a specific location for processing. The traffic is then sent back and re-encrypted. This way, the user, who was going to some dot-com site, won't know that the website was intercepted, decrypted, looked at, and then cleared for delivery. This helps a lot in trying to identify sites that have malware because, if you can't see the traffic, you don't know what's inside of it.
* SSL encryption * SSL decryption * Traffic inspection * Content inspection We also have the Thunder SSLi Harmony Controller, which is used for encrypted attacks and inspecting encrypted traffic. Our primary mission is to ensure students are safe. This is a key component in making sure the safety of our students, client family, and the people who work within our district's boundaries. We use the most up-to-date version, as we keep our firmware updated. We are using its on-premise hardware.
We're using it for our SSL operation. A10 has a "sandwich model." There are two boxes, one of them is on our internal network and the other one is on our external network which is just in front of the internet router. The first box decrypts SSL traffic, HTTPS traffic, and the other box, in front of the router, encrypts again. Between these two boxes, all the HTTPS traffic is clear text, and all the devices between the two A10 devices see all the clear text which means they can intercept all the traps or all the applications. We have a firewall, proxies, IPS, and some network deep-packet inspection devices all between two SSLi boxes so they can see the clear text traffic. They can intercept all traffic without decrypting and encrypting. The traffic is all ready for them. We use it on-prem.