• |
Thunder® SSL Insight (SSLi®)

SSL/TLS Visibility

A comprehensive SSL/TLS decryption solution that enables your security devices to efficiently analyze all enterprise traffic while ensuring compliance, privacy, and boosting ROI

Schedule Demo
Resources
Data Sheet
Thunder SSLi: Real-time Visibility Into Encrypted Traffic
Video
SSL Insight AppCentric Templates (ACT)
White Paper
Zero Trust is Incomplete Without TLS Decryption

Key Benefits of Thunder SSLi

Eliminate the Blind Spot

  • Enable your security devices to detect and stop hidden threats
  • Augment your entire security infrastructure, including inline, out-of-band and ICAP enabled devices
  • Gain full control over cipher selection to ensure continued security

Ensure Compliance and Privacy

  • Ensure compliance with security and privacy standards like HIPAA, PCI and GDPR
  • Maintain granular, policy-based control over your network traffic
  • Ensure user privacy with traffic categorization and bypassing

Increase ROI

  • Secure your investments by eliminating the blind spot that affects your existing security devices
  • Boost the performance of your security infrastructure by off-loading decryption
  • Avoid unnecessarily replacing or upgrading your existing devices
eBook

Exposing Hidden Threats

In response to the rising cost of cybercrime over the past several years, as well as concerns about protecting data privacy, organizations have increasingly adopted SSL encryption to safeguard their valuable information assets. As of 2018, Google has stated 94% of all their network traffic in North America is encrypted. But this has created new risks. Hackers hide cyber-attacks in SSL traffic to bypass defenses.

download ebook

Key Features of Thunder SSLi

  • Full Visibility of Network Traffic

  • Data Loss Prevention

  • Full-Proxy Control

  • Compliance and Security

  • Traffic Steering

  • Analytics & Management

Download Datasheet

  • Full Visibility of Network Traffic

    • Decrypt traffic across all TCP ports and advanced protocols like SSH, STARTTLS, XMPP, SMTP and POP3
    • Deliver high- performance decryption with multiple cipher suites including elliptical curve cryptography (ECC) for perfect forward secrecy (PFS) support
    • Provide visibility to all security devices, including inline, out-of-band and ICAP- enabled devices

  • Data Loss Prevention

    • Stop encrypted data exfiltration by providing visibility to your existing Data Loss Prevention (DLP) systems
    • Connect to any DLP system using the in built-in ICAP support

  • Full-Proxy Control

    • Control which ciphers are used for encryption between the client and SSLi, and between the SSLi and server
    • Renegotiate to ciphers of similar strength to prepare for future ciphers or TLS versions
    • Be ready for TLS 1.3, avoiding deployment complications

  • Compliance and Security

    • Selectively bypass traffic decryption to enforce privacy policies using a list of over 460 million domains
    • Ensure compliance with GDPR by decrypting traffic selectively and stopping encrypted data exfiltration
    • Use URL filtering to block access to specific web categories, including known malicious destinations, to maximize employee productivity and security
    • Leverage multiple onboard HSMs to enable secure and tamper-proof storage of encryption keys

  • Traffic Steering

    • Selectively steer traffic based on fine-grained policies including application type and/or user ID
    • Increase security capacity by load-balancing multiple security devices
    • Augment SaaS growth with traffic categorization and local breakout

  • Analytics & Management

    • Gain real-time, actionable insights into traffic statistics, categorization, suspicious activities, and more
    • Manage multi-site deployments from a central location
    • Simplify management and configuration with on-box AppCentric Templates (ACTs)

Centralized Decryption & Control

Decrypt traffic for your entire security infrastructure, gain actionable insights and supplement your enterprise growth by managing multi-site SSLi deployments from a central location.

Centrally Manage Your Apps

Use Case Videos

Block outbound traffic to proxies using SSL Insight Threat Intelligence

Video

Blocking traffic to proxies using Threat Intelligence

Integrate SSL Insight With Opswat Metadefender ICAP Server

Video

SSL Insight integration with OPSWAT Metadefender ICAP Server

Filter urls based on user or group IDs with SSL Insight

Video

Filtering URLs based on User/Group IDs with SSL Insight

Access and use the threat investigator on SSL Insight

Video

How to access and use the Threat Investigator on SSL Insight

Configure firewall load balancing with SSL insight

Video

How to configure Firewall Load Balancing with SSL Insight

Configure selective decryption on SSL Insight

Video

How to configure selective decryption on SSL Insight

Handle expired certificates with SSL Insight

Video

How to handle expired certificates with SSL Insight

Network Integrations

Built to seamlessly integrate with your existing security infrastructure

Next- Generation Firewalls

  • Cisco FirePOWER and WSA
  • Palo Alto Networks NGFW
  • Check Point NGFW
  • SonicWALL SuperMassive NGFW

Intrusion Prevention Systems

  • McAfee Network Security Platform
  • Secureworks iSensor
  • Fidelis Cybersecurity Network

Advanced Threat Protection

  • FireEye Network Security
  • OPSWAT ICAP Server

Other Integrations

  • Digital Guardian DLP
  • RSA NetWitness
  • Symantec ProxySG and DLP
  • Forcepoint Trusted Gateway System
  • IBM QRadar Incident Forensics
  • Trend Micro Deep Security
  • Bivio Networks Cybersecurity

Additional Options

Additional services, products, solutions in which you may be interested.

Harmony Controller

Gain comprehensive, real-time and actionable insights with application-level visibility.

Simplify operations and increase agility. Centrally- manage deployment and security policy implementation.

Thunder CFW

Upgrade to a Thunder CFW and gain access to additional security capabilities, including stateful and application-level firewall capabilities.

SSL Visibility Scale-Out with Thunder ADC

For solutions where hyperscale performance is required, Thunder ADC can be used to distribute traffic across multiple Thunder SSLi devices.

Technical Partners Spotlight

Cisco Firepower

LEARN MORE

OPSWAT ICAP Server

LEARN MORE

McAfee Network Security Platform

LEARN MORE

Secureworks iSensor

LEARN MORE

FireEye NX Series

LEARN MORE

Fidelis Cybersecurity Network

LEARN MORE

RSA NetWitness

LEARN MORE

Digital Guardian Network DLP

LEARN MORE

Additional Resources

How to Optimize & Scale Your Enterprise Security Without Spending More on NGFW

BROCHURE

How to Optimize & Scale Your Enterprise Security Without Spending More on NGFWs

BLOG

Major Hurdles You Face in Effectively Inspecting and Blocking Malicious Traffic

SSL Insight: Uncover Hidden Threats in Encrypted Traffic Solution Brief

SOLUTION BRIEF

SSL Insight Uncover Hidden Threats in Encrypted Traffic

The Ultimate Guide To SSL/TLS Decryption White Paper

WHITEPAPER

Six Features to Consider when Evaluating SSL/TLS Inspection Solutions

View All Thunder SSLI Resources