There is one thing I would like to see changed. In their features for setting things up, there is a templating system that would normally assist clients. However, we had a better time setting up the device either through the command line or through the interface and not using the templates that were pre-installed. So there is room for improvement to the templates for initial installation.
For us, it would be great if it supported SSL operations according to Active Directory users. For example, if we want to bypass one of the servers or a client's internet access for SSL interception, we have to do it according to the IP address. It would be better if we could do it according to the Active Directory username. A10 says they kind of support that but we haven't tested it. Another thing is SNI. A10 intercepts all the traffic according to the SNI, the server name indicator. It would be better if it intercepted traffic according to the IP addresses. A10 can only understand that a website is within the banking category or the website is in the social media category, according to the SNI. Without SNI, there is no way to understand it; there is no bypass operation. It would be better if worked without SNI as well. Also, the solution comes with web categories like banking and social media. There are suspicious URLs, malicious URLs, etc. It would be better if it had an application category as well. For example, it would be helpful if we had the chance to bypass all Office 365 applications: OneDrive, Skype, Outlook, etc. According to Microsoft, we need to bypass SSL for all Office 365 applications but we need to create custom categories and put all the Microsoft URLs in them and then we can bypass. It would be great if an application category could recognize Dropbox, for example. For now, we have to put the Dropbox URLs in one custom category and bypass them. Application categories could be very useful.
SSL encrypted traffic is growing, rendering most security devices ineffective.Gain visibility into encrypted traffic with SSL Insight and stop potential threats.
There is one thing I would like to see changed. In their features for setting things up, there is a templating system that would normally assist clients. However, we had a better time setting up the device either through the command line or through the interface and not using the templates that were pre-installed. So there is room for improvement to the templates for initial installation.
I would like them to have a better UI (better universal design). Better never stops.
For us, it would be great if it supported SSL operations according to Active Directory users. For example, if we want to bypass one of the servers or a client's internet access for SSL interception, we have to do it according to the IP address. It would be better if we could do it according to the Active Directory username. A10 says they kind of support that but we haven't tested it. Another thing is SNI. A10 intercepts all the traffic according to the SNI, the server name indicator. It would be better if it intercepted traffic according to the IP addresses. A10 can only understand that a website is within the banking category or the website is in the social media category, according to the SNI. Without SNI, there is no way to understand it; there is no bypass operation. It would be better if worked without SNI as well. Also, the solution comes with web categories like banking and social media. There are suspicious URLs, malicious URLs, etc. It would be better if it had an application category as well. For example, it would be helpful if we had the chance to bypass all Office 365 applications: OneDrive, Skype, Outlook, etc. According to Microsoft, we need to bypass SSL for all Office 365 applications but we need to create custom categories and put all the Microsoft URLs in them and then we can bypass. It would be great if an application category could recognize Dropbox, for example. For now, we have to put the Dropbox URLs in one custom category and bypass them. Application categories could be very useful.