Solutions
 

SSL Inspection, Offloading and Acceleration

Remove Blind Spots from the Enterprise's Perimeter

While SSL encrypted traffic is on the rise (over 80% is encrypted in most organizations) hackers are taking advantage of that, generating cyber-attacks through SSL encrypted communication.

However, the perimeter security solutions comprised from various modules such as a Firewall, DDoS protector, IPS, and web security gateway all face a costly dilemma – inspect SSL encrypted traffic and lose up to 80% of their designed capacity due to the processing of SSL encryption decryption, or have a blind spot, letting SSL traffic pass through uninspected. Moreover, even if each of the module was to inspect the SSL traffic, doing it separately by each model not only adds cost, it also adds latency and more potential points of failure.

A centralized solution that can enable SSL inspection, offloading and acceleration of encrypted traffic has become a mandatory requirement for all organizations, and not yet another nice to have solution.

SSL Inspection, Offloading and Acceleration with Radware's Alteon

In order to relieve Web servers in an organization's data center of the burden of encrypting/decrypting data sent via a secure socket layer (SSL) security protocol - the security protocol that is implemented in every Web browser - SSL offloading sends the process to a separate device to perform the coding/decoding task. This additional SSL offload device is specifically designed to perform SSL inspection acceleration and termination. Radware’s Alteon SSL inspection solution provides a simple one-box solution for offloading traffic encryption/decryption processing for both inbound and outbound traffic. Alteon SSL Inspect acts as a central switching point for all perimeter network security modules, significantly reducing latency of SSL encrypted. Security managers can easily chain and provision security services with highly granular policy options per user profile, with simple out-of-the box wizards. Alteon SSL Inspect supports scalable and flexible security services deployment and reduces overall security solution costs via offloading decryption and re-encryption of SSL encrypted traffic.

Radware's patented SSL inspection technology embedded in Alteon and combined with its transparent traffic steering functionality offers a high capacity, advanced and flexible SSL traffic inspection solution that is simple to deploy and delivers the following benefits:

Fast, Accurate and Simple SSL Inspect Maintenance

Quick visibility into SSL traffic patterns, SSL handshake statistics and valuable information into the root cause of SSL Inspection problems if and when they occur.

Transparent Deployment

Eliminate the need to re-engineer the network or configure end user clients to pass all traffic through a predefined SSL proxy.

Flexible Security Policies

Flexible Security Policies

With URL class-based classification, organizations can ensure user privacy is kept (i.e. traffic to banking sites is not inspected) based on class.

Reduced Latency

Reduced Latency

Through service chaining so SSL traffic only needs decryption and re-encryption once, and not for each security solution.

Seamless Scalability

Seamless Scalability

Scalable traffic inspection capacity against SSL attacks by simply adding more content inspection systems and load balancing.

Guaranteed Connectivity

Guaranteed Connectivity

Alteon ensures continuous connectivity through advanced health checks and with fail-to-wire in case of device malfunction.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
CyberPedia