There are a lot of misconceptions about breaking and inspecting SSL (Secure Sockets Layer) traffic. So much so that some companies elect to go without the ability altogether.
In this video, A10 Senior Federal Lead SE James Schweitzer separates fact from fiction when it comes breaking and inspecting encrypted traffic and highlights the benefits of a dedicated SSL/TLS decryption solution like A10 Thunder SSLi:
A10 has a legacy of performance and scale with our ADC solutions, which we’ve applied to SSL break and inspect with A10 Thunder SSLi to ensure it has no negative impact on performance. Users won’t experience delays and they won’t be unhappy. And, A10 Thunder SSLi will increase security posture by providing traffic decryption. It’s a win-win.
A10 offers versatile deployment options – in Layer 2 or Layer 3 – for companies that are already doing some break and inspect and companies that aren’t doing it at all. If your company has web proxies, transparent or explicit, we want to work with you and let you know you don’t have to re-architect your entire network and you don’t have to rip and replace your security infrastructure to properly break and inspect SSL traffic.
A10 implements a hardware security module (HSM) and can support up to four HSMs on A10 Thunder SSLi. HSMs are a one-way trap door where we can take keys in and they can’t be extracted even with physical access to the device, ensuring keys are not at risk.