• Client-Side SSL Inspection & Sniffing Solution

    The Challenge

    Today's financial organizations are required to meet regulatory compliance of financial information disclosures that often scale to a high capacity. Existing Malware protection, data loss prevention (DLP) and other security solutions lack any ability for SSL inspection, or offer limited capacity and scalability when processing SSL-encrypted traffic. Hence, it is required having visibility into encrypted communications using SSL as well as separating between traffic from trusted and un-trusted services.

    From a security standpoint, this also means preventing Malwares spread via encrypted services such as file sharing and email, as well as eliminating egress of encrypted communications from Malware to command & control servers on the Internet.

    The Solution

    Radware's client-side inspection and sniffing solution, which consists of Content Inspection Director (CID) and AppXcel, allows fully addressing the aforementioned challenges. Radware CID, a transparent smart redirection and dynamic policy enforcement device, transparently intercepts traffic, enabling to load balance bump-in-the-wire devices (such as IDS, IPS, DLP, anti-Malware, etc.) and pin traffic for client-side SSL inspection. Using a deep packet/flow inspection (DPI/DFI) engine, CID enables to employ a logical topology of the network devices, meaning that they can be quickly bypassed inspections if needed.

    The client-side SSL inspection takes place by Radware AppXcel, which uses a highly-scalable SSL decryption/encryption architecture which is FIPS 140-2 Level 2 & 3 compliant. This allows sending clean traffic to further inspection by the designated security devices, and then re-encrypting traffic before it is sent out to additional services in the Internet.

    CID Traffic Steering

    Business Benefits

    • Meet regulatory and compliance requirements on encrypted traffic with FIPS 140-2 Level 2 & 3
    • Full, real-time detection and prevention of Malware
    • Scalable, highly-available solution
    • Flexible solution allowing to dynamically addresses network/topology changes