https scanning through IPS

vikasgupta2k
Beginner

Is it possible to scan all the https traffic passing through AIP module installed on ASA (inbound and outbound)?

3 Replies

Hi,

You can inspect the HTTPS traffic passing through the IPS module on the ASA.

But you need to know that since HTTPS is encrypted, the IPS will not be able to "read" the contents of the packet.

So, you can monitor the behavior of the HTTPS traffic, and so on, but you cannot decrypt and obtain the original content (data) of the packets.

Federico.

Is there any formal documentation from Cisco on this that I can present to the customer?

I'm not sure that I've seen a document.

It's the same with any cryptographic protocol (HTTPS, SSH, ISAKMP, SFTP, etc.)

Anything that goes encrypted can't be "read", since you would have to be able to decrypt it prior to sending the traffic to the IPS for scanning.

Federico.
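The point made in the replies above, as an added example that is not part of the original thread and is not Cisco code: a passive sensor can parse the cleartext 5-byte TLS record header (type, version, length) but cannot match payload signatures on the protected body. The request, the signatures, the key and `toy_encrypt` (a stand-in for real TLS record protection) are all constructed for illustration.

```python
import hashlib
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
# Constructed sample data: one HTTP request and two payload signatures.
REQUEST = (b"GET /cgi-bin/test?file=../../etc/passwd HTTP/1.1\r\n"
           b"Host: www.example.com\r\n\r\n")
SIGNATURES = [b"../..", b"/etc/passwd"]

def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in for TLS record protection (NOT real TLS):
    XOR the plaintext with a SHA-256 counter keystream."""
    keystream, counter = b"", 0
    while len(keystream) < len(plaintext):
        keystream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(p ^ k for p, k in zip(plaintext, keystream))

def as_tls_record(payload: bytes) -> bytes:
    """Wrap the protected payload in a TLS 1.2 application_data record."""
    body = toy_encrypt(b"constructed-session-key", payload)
    return struct.pack("!BHH", 23, 0x0303, len(body)) + body

def parse_tls_records(stream: bytes):
    """Split a capture into records using the 5-byte cleartext header."""
    records, offset = [], 0
    while offset + 5 <= len(stream):
        ctype, version, length = struct.unpack_from("!BHH", stream, offset)
        end = offset + 5 + length
        if ctype not in CONTENT_TYPES or end > len(stream):
            break  # not a TLS record, or the capture is truncated
        records.append((CONTENT_TYPES[ctype], version, stream[offset + 5:end]))
        offset = end
    return records

def sensor_view(stream: bytes) -> dict:
    """What a passive sensor without the session keys can report."""
    records = parse_tls_records(stream)
    if not records:  # cleartext: payload signatures can be matched
        return {"protocol": "cleartext",
                "hits": [s for s in SIGNATURES if s in stream]}
    return {"protocol": "tls",  # only header metadata is readable
            "records": [(t, hex(v), len(p)) for t, v, p in records],
            "hits": [s for _, _, p in records for s in SIGNATURES if s in p]}

if __name__ == "__main__":
    print(sensor_view(REQUEST))
    print(sensor_view(as_tls_record(REQUEST)))
```

The same request yields two signature hits in cleartext and none once it is carried in an application_data record, while the record type, version and length remain visible for behavioral monitoring.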
