Deployment Guides

AX Series for Palo Alto Networks SSL Intercept and Firewall Load Balancing

Resource description: 

Firewall or IPS/IDS (Intrusion Prevention System/ Intrusion Detection System) devices usually have difficulties inspecting SSL traffic because the content is encrypted. Some devices offer internal SSL decryption/encryption support but usually the performance requirements are not satisfied. To alleviate this problem, A10 Networks has introduced the "SSL Forward Proxy" feature, also known as "SSL Intercept". When configured for SSL Intercept, the AX Series Application Deliver Controller (ADC/Load Balancer) intercepts SSL encrypted traffic, decrypts it and forwards it through a firewall or Intrusion Prevention System (IPS). Another AX Series Load Balancer then takes this traffic and encrypts it again, and sends it to the remote destination.