Thunder® SSL Insight (SSLi®)

SSL/TLS Visibility

A comprehensive SSL/TLS decryption solution that enables your security devices to efficiently analyze all enterprise traffic while ensuring compliance, privacy, and boosting ROI

Key Benefits of Thunder SSLi

Legacy Security is Inadequate

Eliminate the Blind Spot

Legacy Security is Inadequate

Ensure Compliance and Privacy
  • Ensure compliance with security and privacy standards like HIPAA, PCI and GDPR
  • Maintain granular, policy-based control over your network traffic
  • Ensure user privacy with traffic categorization and bypassing

Legacy Security is Inadequate

Increase ROI
  • Secure your investments by eliminating the blind spot that affects your existing security devices
  • Boost the performance of your security infrastructure by off-loading decryption
  • Avoid unnecessarily replacing or upgrading your existing devices

Combating the Surge of Modern Malware and Ransomware

This eBook will explore the reasons these malware and ransomware attacks have increased so dramatically, and more importantly, how to build a strategy to protect your data and networks against these attacks.

Download Ebook

Key Features of Thunder SSLi

Full Visibility of Network Traffic

Full Network Traffic Visibility

  • Decrypt traffic across all TCP ports and advanced protocols like SSH, STARTTLS, XMPP, SMTP and POP3
  • Deliver high- performance decryption with multiple cipher suites including elliptical curve cryptography (ECC) for perfect forward secrecy (PFS) support
  • Provide network traffic visibility to all security devices, including inline, out-of-band and ICAP- enabled devices
Data Loss Prevention

Data Loss Prevention

  • Stop encrypted data exfiltration by providing visibility to your existing Data Loss Prevention (DLP) systems
  • Connect to any DLP system using the in built-in ICAP support
Full-Proxy Control

Full-Proxy Control

  • Control which ciphers are used for encryption between the client and SSLi, and between the SSLi and server
  • Renegotiate to ciphers of similar strength to prepare for future ciphers or TLS versions
  • Be ready for TLS 1.3, avoiding deployment complications
Compliance and Security

Compliance and Security

  • Selectively bypass traffic decryption to enforce privacy policies using a list of over 460 million domains
  • Ensure compliance with GDPR via selective SSL decryption traffic, stopping SSL encrypted data exfiltration
  • Use URL filtering to block access to specific web categories, including known malicious destinations, to maximize employee productivity and security
  • Leverage multiple onboard HSMs to enable secure and tamper-proof storage of encryption keys
Traffic Steering

Traffic Steering

  • Selectively steer traffic based on fine-grained policies including application type and/or user ID
  • Increase security capacity by load-balancing multiple security devices
  • Augment SaaS growth with traffic categorization and local breakout
Analytics & Management

Analytics & Management

  • Gain real-time, actionable insights into traffic statistics, categorization, suspicious activities, and more
  • Manage multi-site deployments from a central location
  • Simplify management and configuration with on-box AppCentric Templates (ACTs)

Centralized Decryption & Control

Decrypt traffic for your entire security infrastructure, gain actionable insights and supplement your enterprise growth by managing multi-site SSLi deployments from a central location.

Centrally Manage Your Apps

Network Integrations

Built to seamlessly integrate with your existing security infrastructure

Legacy Security is Inadequate

Next- Generation Firewalls
  • Cisco FirePOWER and WSA
  • Palo Alto Networks NGFW
  • Check Point NGFW
  • SonicWALL SuperMassive NGFW

Legacy Security is Inadequate

Other Integrations
  • Digital Guardian DLP
  • RSA NetWitness
  • Symantec ProxySG and DLP
  • Forcepoint Trusted Gateway System
  • IBM QRadar Incident Forensics
  • Trend Micro Deep Security
  • Bivio Networks Cybersecurity

Legacy Security is Inadequate

Intrusion Prevention Systems
  • McAfee Network Security Platform
  • Secureworks iSensor
  • Fidelis Cybersecurity Network

Legacy Security is Inadequate

Advanced Threat Protection
  • FireEye Network Security
  • OPSWAT ICAP Server

Additional Options

Additional services, products, solutions in which you may be interested.

Legacy Security is Inadequate

Harmony Controller

Gain comprehensive, real-time and actionable insights with application-level visibility.

Simplify operations and increase agility. Centrally- manage deployment and security policy implementation.

Legacy Security is Inadequate

Thunder CFW

Upgrade to a Thunder CFW and gain access to additional security capabilities, including stateful and application-level firewall capabilities

Legacy Security is Inadequate

SSL Visibility Scale-Out with Thunder ADC

For solutions where hyperscale performance is required, Thunder ADC can be used to distribute traffic across multiple Thunder SSLi devices.

Ready to get started?