Key Benefits of Thunder SSLi
A comprehensive TLS decryption solution enabling security devices to analyze encrypted enterprise traffic and augment Zero Trust strategies
Eliminate the Blind Spot
- Enable your security devices to detect and stop hidden threats
- Maximize the effectiveness of your existing security solution irrespective of deployment type by offloading decryption/encryption duties
- Gain full control over cipher selection to ensure continued security
Ensure Compliance and Privacy
- Ensure compliance with security and privacy standards like HIPAA, PCI-DSS and GDPR
- Maintain granular, policy-based control over your network traffic
- Ensure user privacy with traffic categorization
- Secure your investments by eliminating the blind spot that affects your existing security strategy
- Boost your security infrastructure’s performance by off-loading decryption
- Avoid unnecessary upgrades and refreshes of your existing devices
Full Network Traffic Visibility
Decrypt and encrypt regular HTTPS traffic on any TCP port using dynamic port inspection. Decryption for additional protocols like STARTTLS, XMPP, SMTP, POP3, as well as SSH are supported.
Control TLS ciphers used between the client and SSLi solution, and between the SSLi solution and server. Renegotiate to ciphers of similar strength for modern ciphers or TLS versions. Support modern ciphers including ECC/PFS and TLS version 1.2/1.3.
Context-aware Traffic Management
Block user access to suspicious/unwanted sites with URL filtering and selectively bypass decryption using URL classification. Enable granular control on the application protocol level with application recognition engine.
Can be deployed in virtual-wire, L2 or L3 mode, and as inline transparent proxy or explicit proxy. Support inline L2/L3 third-party security devices and built-in ICAP for direct connection to DLP systems.
Enforce Privacy Policies
Ensure privacy and compliance standards by selectively decrypting traffic for HIPAA, PCI-DSS, GDPR, etc., using geolocation and a list of over 1 billion domains, and stopping SSL encrypted data exfiltration.
Intelligent Service Chaining
Selectively steer traffic based on application type, service ports and/or user ID with fine-grained polices to different service and security chains.
Real-time Actionable Insights
Gain real-time, actionable insights into TLS traffic characteristics, encrypted versus unencrypted traffic levels, application types and URL categories, suspicious activities, along with extensive transaction logs and more.
Manage multi-site deployments from a central location with the A10 Harmony Controller and simplify configuration with guided deployment wizard.
Security Solution Integration Examples
Built to seamlessly integrate with any solution in your existing Zero Trust infrastructure
Cisco FirePOWER, Palo Alto Networks NGFW, Check Point NGFW, SonicWALL NGFW
Intrusion Prevention Systems
Trellix IPS, Secureworks iSensor
Advanced Threat Protection
Trellix Network Security, OPSWAT MetaDefender, Fidelis Network
Digital Guardian DLP, Symantec Edge SWG, Forcepoint Trusted Gateway System, IBM Security QRadar, RSA NetWitness, Trend Micro Deep Security, Vectra NDR, Garland Technology NPB, Niagara Networks Bypass Switch
What Our Customers Are Saying
Over time, Tencent QQ of China estimates an actual dollar savings of over $5,000,000+ since deploying A10 Networks Thunder ADC and SSLi solutions.