https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449451#M67364 <HTML><HEAD></HEAD><BODY><P>Labib;</P><P></P><P>&nbsp; For traffic exiting a VPN tunnel, you can place the IPS sensor behind the VPN termination point so it has access to the unencrypted traffic.</P><P></P><P>&nbsp; There is not an option to inspect SSL encrypted traffic; you would need to rely on a host-based system such as Cisco Security Agent to assist in providing such protection.</P><P></P><P>Scott</P></BODY></HTML> Mon, 24 May 2010 13:26:27 GMT Scott Fringer 2010-05-24T13:26:27Z https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449448#M67361 <P>dear experts, hello</P><P></P><P>i'd like to ask a question about how the IPS can inspect and prevent any atteck in the encrypted packets in some sessions</P><P>such as vpn or ssh sessions, is there a technique helping for</P><P>that in the IPS?</P><P></P><P>thanks alot for your help</P><P>labib makar</P> Sun, 10 Mar 2019 12:00:34 GMT https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449448#M67361 hanyawad 2019-03-10T12:00:34Z https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449449#M67362 <HTML><HEAD></HEAD><BODY><P>No, unfortunately you can't inspect encrypted traffic on IPS. Not supported.</P></BODY></HTML> Mon, 24 May 2010 11:39:14 GMT https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449449#M67362 Jennifer Halim 2010-05-24T11:39:14Z https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449450#M67363 <HTML><HEAD></HEAD><BODY><P>so how can we protect the network from the attakes that come in the vpn tunnelling or ssh channel, for example?</P><P></P><P>thanks for your reply</P><P></P><P>labib</P></BODY></HTML> Mon, 24 May 2010 13:20:08 GMT https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449450#M67363 hanyawad 2010-05-24T13:20:08Z https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449451#M67364 <HTML><HEAD></HEAD><BODY><P>Labib;</P><P></P><P>&nbsp; For traffic exiting a VPN tunnel, you can place the IPS sensor behind the VPN termination point so it has access to the unencrypted traffic.</P><P></P><P>&nbsp; There is not an option to inspect SSL encrypted traffic; you would need to rely on a host-based system such as Cisco Security Agent to assist in providing such protection.</P><P></P><P>Scott</P></BODY></HTML> Mon, 24 May 2010 13:26:27 GMT https://community.cisco.com/t5/network-security/how-can-the-ips-inspect-the-encrypted-packets/m-p/1449451#M67364 Scott Fringer 2010-05-24T13:26:27Z