0

SSL Visibility appliance deployment

Posted on Jan 10 2018, 7:25 PM

Hi, 

I work for wholesale Internet service provider, we dont authenticate (no digital certs) our clients since we provide them with transport only. How can we deploy SSLV appliance to inspect ssl traffic passing through us.

BR

  • DigiCert SSL TLS Certificates
  • Not Applicable
  • Products
Comments
  • 0

    Hi Kgotla,

    If you do not own management of end point (i.e. the ability to install a PKI cert into the Operating System certificate store), decrypting/resigning of the SSL/TLS session would be spotted by the client machine and the red warnings would appear.  i.e. you are performing a unsanctioned MITM.

    If you however wish to audit SSL flows for cipher suites used, SNI, souce/destination, solutions like Security Analytics would be better.

    Andy