We changed our name from IT Central Station: Here's why

Top 8 SSL/TLS Decryption Tools

A10 Networks Thunder SSLiSymantec SSL Visibility ApplianceGigaSMART SSL TLS DecryptionFidelis Decryption
  1. leader badge
    Its most valuable feature is its ability to do its job accurately, effectively, and very quickly. The amount of traffic that we have going through our system is astounding... The delay with the SSL decryption turned on is almost unnoticeable.
  2. leader badge
    The ability to do SSL chaining is most valuable. It provides the ability to send decrypted traffic at close-to-line speed to products that can't decrypt. So, it can take the decrypted traffic and send it to your IPS or your other tools to be able to see what's inside of that traffic for DLP or malicious content detection. That's the whole beauty of it. It was probably the elephant in the room for the longest in terms of SSL decryption. It can get the high band, especially for places that had a lot of decryption to do, such as big finance companies, big telcos, etc.

Advice From The Community

Read answers to top SSL/TLS Decryption questions. 564,643 professionals have gotten help from our community of experts.
Hi professionals, There seems to be some controversy around whether or not SSL Inspection should be used by businesses.  What is your opinion - should they be used, and if so when? Conversely, what are the reasons for not using SSL inspection?
author avatarLeo Tse
Real User

SSL inspection requires high firewall resources, the use depends on what your objectives are. E.g., the SSL inspection is a must on WAF or Layer-7 IPS to protect inbound traffic to your servers,if you need very granular access control for your user to the Internet.  

On the other hand, explicit proxy deployment can achieve the URL/URI filtering purpose without SSL inspection for client outbound traffic protection. While SSL inspection is useless for layer-4 only firewall/IPS and webserver running TLS 1.3, DLP/sandbox in endpoint seems to be more effective than the network approach, because the delay in scan result will timeout the network connection. 

Consider SSL inspection on specific traffic types: it can save cost and settle the internal controversy. 

author avatarsupervis809292 (Supervisor of IT Infrastructure & Cybersecurity at a tech consulting company with 51-200 employees)

As more Internet traffic is encrypted each day at some point the majority of Internet traffic will be encrypted. SSL inspection is needed when a business needs to audit what their users are doing on the Internet. Cost and complexity are the largest reasons to not perform SSL inspection, especially on the network edge.

I'm not a huge proponent of performing SSL inspection at the network edge. Most solutions performance levels drops off the face of the planet when enabled and it is complex to setup and maintain. I think the better solution for SSL inspection is to perform it on endpoint devices. This will be cheaper and less complex overall and provide SSL inspection on laptops even when they are not in the office.

author avatarDavid Storey

SSL Inspection is great for corporate/organizational security as it allows you visibility into the traffic going across the network. It can also break access to some sites as it is technically a man-in-the-middle. (Anything requiring certificate authentication.) If you're going to do it, you really need a login banner for your systems that advises users that their activities are being monitored. You'll also need to install certificates on people's PC's. This won't work for guest users. I wouldn't store decrypted content though as you will have to safeguard that data as it will contain sensitive information. (Is it really worth the risk?)

author avatarEvert Ruiten

In general, there are some vulnerabilities in SSL that you should try to mitigate whenever possible. SSL inspection should help indeed.

author avatarLuis Apodaca

These days you should use it no matter if you are a home user, it is about security, and it will be easier each time to have leaked on your personal or professional info, a serious IT guy always should say you should use it.

author avatarrobofl

I used to be against this but leaning the other way now since just about every site is encrypted.  I think some sites need to be avoided like banking, credit card processing, payroll, etc.  Management, and especially the Accounting Dept needs to be in the loop.

author avatarMohammadAta

SSL Inspection or HTTPS Inspection is the process of intercepting SSL encrypted internet communication between the client and the server. The interception can be done between the server and the client and vice-versa, SSL Inspection intends to filter out dangerous content, such as malware. This inspection is also called Deep SSL Inspection or Full SSL Inspection. It allows the user to do web and email filtering, antivirus scanning, etc.SSL inspection not only protects you from attacks that use HTTPS, but also from other commonly used SSL-encrypted protocols, such as SMTPS, POP3S, IMAPS, and FTPS.