Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4406
Views
0
Helpful
1
Replies

Cisco IPS and SSL Inspection?

Go to solution
saicuser1
Level 1
Level 1

‎08-19-2013 12:14 AM - edited ‎03-10-2019 06:02 AM

We have recently purchased a Cisco ASA 5512-X and I'm just curious if there is anyway for the ASA or a 3rd party tool working with the ASA, to monitor Decode/Reencode SSL traffic? Otherwise, anyone can simply access a ssl web site e.g. https://www.youtube.com and bypass the entire IPS?

Regards,

Craig

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP

‎08-19-2013 10:54 PM

It won't work with the IPS because that can't decrypt the traffic. The new "native" way of inspecting SSL-traffic is to use ASA-CX:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-700607_ps12521_Products_Q_and_A_Item.html


Sent from Cisco Technical Support iPad App

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Karsten Iwen
VIP
VIP

‎08-19-2013 10:54 PM

It won't work with the IPS because that can't decrypt the traffic. The new "native" way of inspecting SSL-traffic is to use ASA-CX:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-700607_ps12521_Products_Q_and_A_Item.html


Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card