cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
configure & troubleshoot anyconnect
374
Views
0
Helpful
1
Replies
Beginner

FirePOWER - Hardware Security Module (HSM) Integration

Hello Community,

 

I was wondering if for e.g. especially for Inbound SSL-Decryption Rules it is possible to integrate Cisco Firepower appliances with any 3rd party HSM, so that private keys, etc. will remain outside the Firepower appliance ?

 

Greetings,

Thomas

Everyone's tags (3)
1 REPLY 1
Highlighted
Hall of Fame Master

Re: FirePOWER - Hardware Security Module (HSM) Integration

If you put an SSL appliance inline with the Firepower device you can get the traffic in decrypted form and inspect that.

 

If you're using an SSL policy on the Firepower device and specifying decrypt-and-resign as part of the policy then the decryption has to be done on the Firepower device itself - not on an HSM or other appliance.