cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3392
Views
0
Helpful
1
Replies
Beginner

Cisco IPS and SSL Inspection?

We have recently purchased a Cisco ASA 5512-X and I'm just curious if there is anyway for the ASA or a 3rd party tool working with the ASA, to monitor Decode/Reencode SSL traffic? Otherwise, anyone can simply access a ssl web site e.g. https://www.youtube.com and bypass the entire IPS?

Regards,

Craig

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Mentor

Re: Cisco IPS and SSL Inspection?

It won't work with the IPS because that can't decrypt the traffic. The new "native" way of inspecting SSL-traffic is to use ASA-CX:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-700607_ps12521_Products_Q_and_A_Item.html


Sent from Cisco Technical Support iPad App

View solution in original post

1 REPLY 1
Highlighted
VIP Mentor

Re: Cisco IPS and SSL Inspection?

It won't work with the IPS because that can't decrypt the traffic. The new "native" way of inspecting SSL-traffic is to use ASA-CX:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-700607_ps12521_Products_Q_and_A_Item.html


Sent from Cisco Technical Support iPad App

View solution in original post