Japanese Chinese
Start Your 30-Day Free Trial
Thunder® SSL Insight (SSLi®)

SSL/TLS Visibility

A comprehensive SSL/TLS decryption solution that enables your security devices to efficiently analyze all enterprise traffic while ensuring compliance, privacy, and boosting ROI

Schedule Demo Start Your 30-Day Free Trial

Resources

Datasheet
Thunder SSLi: Real-time Visibility Into Encrypted Traffic
Video
SSL Insight - Beyond Simple SSL/TLS Decryption
White Paper
Zero Trust is Incomplete Without TLS Decryption

Key Benefits of Thunder SSLi

Legacy Security is Inadequate

Eliminate the Blind Spot

Legacy Security is Inadequate

Ensure Compliance and Privacy
  • Ensure compliance with security and privacy standards like HIPAA, PCI and GDPR
  • Maintain granular, policy-based control over your network traffic
  • Ensure user privacy with traffic categorization and bypassing

Legacy Security is Inadequate

Increase ROI
  • Secure your investments by eliminating the blind spot that affects your existing security devices
  • Boost the performance of your security infrastructure by off-loading decryption
  • Avoid unnecessarily replacing or upgrading your existing devices
EBOOK

Exposing Hidden Threats in SSL Encrypted Traffic

In response to the rising cost of cybercrime over the past several years, as well as concerns about protecting data privacy, organizations have increasingly adopted SSL encryption to safeguard their valuable information assets. As of 2018, Google has stated 94% of all their network traffic in North America uses SSL encryption, but this has created new risks. Hackers take advantage of SSL encryption to hide malware, ransomware and bypass defenses.

Download Ebook

Key Features of Thunder SSLi

Full Visibility of Network Traffic

Full Network Traffic Visibility

  • Decrypt traffic across all TCP ports and advanced protocols like SSH, STARTTLS, XMPP, SMTP and POP3
  • Deliver high- performance decryption with multiple cipher suites including elliptical curve cryptography (ECC) for perfect forward secrecy (PFS) support
  • Provide network traffic visibility to all security devices, including inline, out-of-band and ICAP- enabled devices
Data Loss Prevention

Data Loss Prevention

  • Stop encrypted data exfiltration by providing visibility to your existing Data Loss Prevention (DLP) systems
  • Connect to any DLP system using the in built-in ICAP support
Full-Proxy Control

Full-Proxy Control

  • Control which ciphers are used for encryption between the client and SSLi, and between the SSLi and server
  • Renegotiate to ciphers of similar strength to prepare for future ciphers or TLS versions
  • Be ready for TLS 1.3, avoiding deployment complications
Compliance and Security

Compliance and Security

  • Selectively bypass traffic decryption to enforce privacy policies using a list of over 460 million domains
  • Ensure compliance with GDPR via selective SSL decryption traffic, stopping SSL encrypted data exfiltration
  • Use URL filtering to block access to specific web categories, including known malicious destinations, to maximize employee productivity and security
  • Leverage multiple onboard HSMs to enable secure and tamper-proof storage of encryption keys
Traffic Steering

Traffic Steering

  • Selectively steer traffic based on fine-grained policies including application type and/or user ID
  • Increase security capacity by load-balancing multiple security devices
  • Augment SaaS growth with traffic categorization and local breakout
Analytics & Management

Analytics & Management

  • Gain real-time, actionable insights into traffic statistics, categorization, suspicious activities, and more
  • Manage multi-site deployments from a central location
  • Simplify management and configuration with on-box AppCentric Templates (ACTs)

Centralized Decryption & Control

Decrypt traffic for your entire security infrastructure, gain actionable insights and supplement your enterprise growth by managing multi-site SSLi deployments from a central location.

Centrally Manage Your Apps

Use Case Videos

block outbound traffic to proxies using ssl insight threat intelligence
Video

Blocking traffic to proxies using Threat Intelligence
integrate ssl insight with opswat metadefender icap server
Video

SSL Insight integration with OPSWAT Metadefender ICAP Server
filter urls based on user or group IDs with SSL insight
Video

Filtering URLs based on User/Group IDs with SSL Insight
access and use the threat investigator on SSL insight
Video

How to access and use the Threat Investigator on SSL Insight
configure firewall load balancing with SSL insight
Video

How to configure Firewall Load Balancing with SSL Insight
configure selective decryption on ssl insight
Video

How to configure selective decryption on SSL Insight
handle expired certificates with SSL insight
Video

How to handle expired certificates with SSL Insight

Certifications

Network Integrations

Built to seamlessly integrate with your existing security infrastructure

Legacy Security is Inadequate

Next- Generation Firewalls
  • Cisco FirePOWER and WSA
  • Palo Alto Networks NGFW
  • Check Point NGFW
  • SonicWALL SuperMassive NGFW

Legacy Security is Inadequate

Other Integrations
  • Digital Guardian DLP
  • RSA NetWitness
  • Symantec ProxySG and DLP
  • Forcepoint Trusted Gateway System
  • IBM QRadar Incident Forensics
  • Trend Micro Deep Security
  • Bivio Networks Cybersecurity

Legacy Security is Inadequate

Intrusion Prevention Systems
  • McAfee Network Security Platform
  • Secureworks iSensor
  • Fidelis Cybersecurity Network

Legacy Security is Inadequate

Advanced Threat Protection
  • FireEye Network Security
  • OPSWAT ICAP Server

Additional Options

Additional services, products, solutions in which you may be interested.

Legacy Security is Inadequate

Harmony Controller

Gain comprehensive, real-time and actionable insights with application-level visibility.

Simplify operations and increase agility. Centrally- manage deployment and security policy implementation.

Legacy Security is Inadequate

Thunder CFW

Upgrade to a Thunder CFW and gain access to additional security capabilities, including stateful and application-level firewall capabilities

Legacy Security is Inadequate

SSL Visibility Scale-Out with Thunder ADC

For solutions where hyperscale performance is required, Thunder ADC can be used to distribute traffic across multiple Thunder SSLi devices.

Technical Partners Spotlight

Cisco

Cisco Firepower

Learn More
OPSWAT

OPSWAT ICAP Server

Learn More
McAfee

McAfee Network Security Platform-

Learn More
Secureworks

Secureworks iSensor

Learn More
FireEye

FireEye NX Series

Learn More
Fidelis

Fidelis Cybersecurity Network

Learn More
RSA

RSA NetWitness

Learn More
Digital Guardian

Digital Guardian Network DLP

Learn More

Additional Resources

How to Optimize & Scale Your Enterprise Security Without Spending More on NGFW
Brochure

How to Optimize & Scale Your Enterprise Security Without Spending More on NGFWs
Inspecting Encrypted Traffic Blocking Malware
Blog

Major Hurdles You Face in Effectively Inspecting and Blocking Malicious Traffic
The Ultimate Guide To SSL/TLS Decryption White Paper
White Paper

Six Features to Consider when Evaluating SSL/TLS Inspection Solutions
VIEW ALL THUNDER SSLi RESOURCES Certifications
Let Us Help

Learn why thousands of businesses trust A10 Networks to protect and deliver their mission-critical applications

Contact Sales