Attack Mitigation Service
Emergency Response Team
Application Performance Monitoring
Cloud WAF Service
Cloud Web Acceleration Service
Cloud DDoS Protection Services
SSL Attack Protection
Alteon VA for Network Administrators
Alteon VA for Developers
Support Service & Knowledgebase
Certainty Support Program
Online Support Form
Schedules & Registration
The Americas (North & South)
EMEA (Europe, Middle East, & Africa)
APAC (Asia Pacific)
Israel (International Headquarters)
Europe - Middle East - Africa
Today's financial organizations are required to meet regulatory compliance of financial information disclosures that often scale to a high capacity. Existing Malware protection, data loss prevention (DLP) and other security solutions lack any ability for SSL inspection, or offer limited capacity and scalability when processing SSL-encrypted traffic. Hence, it is required having visibility into encrypted communications using SSL as well as separating between traffic from trusted and un-trusted services.
From a security standpoint, this also means preventing Malwares spread via encrypted services such as file sharing and email, as well as eliminating egress of encrypted communications from Malware to command & control servers on the Internet.
Radware's client-side inspection and sniffing solution, which consists of Content Inspection Director (CID) and AppXcel, allows fully addressing the aforementioned challenges. Radware CID, a transparent smart redirection and dynamic policy enforcement device, transparently intercepts traffic, enabling to load balance bump-in-the-wire devices (such as IDS, IPS, DLP, anti-Malware, etc.) and pin traffic for client-side SSL inspection. Using a deep packet/flow inspection (DPI/DFI) engine, CID enables to employ a logical topology of the network devices, meaning that they can be quickly bypassed inspections if needed.
The client-side SSL inspection takes place by Radware AppXcel, which uses a highly-scalable SSL decryption/encryption architecture which is FIPS 140-2 Level 2 & 3 compliant. This allows sending clean traffic to further inspection by the designated security devices, and then re-encrypting traffic before it is sent out to additional services in the Internet.