NextGig Systems, Inc. - Network Connectivity & Test Solutions

Palo Alto Networks' Next-Generation Firewalls - SSL & SSH Decryption

Identify & Control Encrypted Traffic

Encryption can be a double edged sword, protecting legitimate traffic on one hand, while hiding illicit activity on the other. Using policy-based decryption and inspection, administrators can ensure that SSL and SSH are being used for business purposes as opposed to propagation of threats or unauthorized data transfer.

Questions? Call  1-805-277-2400

Identify, control and inspect outbound SSL traffic.



Policy based identification, decryption, and inspection of inbound SSL traffic (from outside clients to internal servers) can be applied as a means of ensuring that applications and threats are not hiding within SSL traffic. Server certificate and private key are installed on the Palo Alto Networks next-generation firewall to achieve the decryption. By default, SSL decryption is disabled.

palo_alto_evaluation.html
palo_alto_register.html
palo_alto_quick_quote.html

For more information, pricing, demonstration or evaluation on Palo Alto Networks Products please contact us here.

Identify, control and inspect inbound SSL traffic.


Policy-based identification, decryption and inspection of outbound SSL traffic (from users to the web) can be applied as a means of ensuring that applications and threats are not hiding within SSL traffic. A man-in-the-middle approach is used where device certificates are installed in the user's browser. By default, SSL decryption is disabled.

Identify and control SSH traffic.


Administrators can perform policy-based identification and control of SSH tunneled traffic. A man-in-the-middle approach is used to detect port forwarding or X11 forwarding within SSH as an ssh-tunnel, while regular shell or scp and sftp access to the remote machine is reported as ssh. By default, SSH decryption is disabled.

Features

 
/body>