cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2257
Views
5
Helpful
1
Replies

FirePOWER - Hardware Security Module (HSM) Integration

thomas.busse
Beginner
Beginner

Hello Community,

 

I was wondering if for e.g. especially for Inbound SSL-Decryption Rules it is possible to integrate Cisco Firepower appliances with any 3rd party HSM, so that private keys, etc. will remain outside the Firepower appliance ?

 

Greetings,

Thomas

1 Reply 1

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

If you put an SSL appliance inline with the Firepower device you can get the traffic in decrypted form and inspect that.

 

If you're using an SSL policy on the Firepower device and specifying decrypt-and-resign as part of the policy then the decryption has to be done on the Firepower device itself - not on an HSM or other appliance.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers