Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
798
Views
0
Helpful
3
Replies

SSL Decryption Placement

fatalXerror
Level 5
Level 5

‎03-02-2021 08:15 PM

Hi Guys,

I am just wondering where is the best placement for a firewall doing an SSL decryption? If I have a multi-tier firewall in the network, tier-1 which is facing outside network will definitely needs SSL decryption but how about internal firewall or DMZ side firewall?

Thanks

0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎03-03-2021 12:03 AM

if the perimeter going via DMZ all the connection out, then DMZ is the right place. if not outside interface.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

fatalXerror
Level 5
Level 5
In response to balaji.bandi

‎03-03-2021 12:44 AM

Hi @balaji.bandi , is this means that no need to enable the SSL decryption for the internal firewall? Thanks

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to fatalXerror

‎03-03-2021 01:34 AM

depends on the network as you said you have multi-tier FW, so I expect or suggest this to be the perimeter where it exits to the Internet oor internet edge FW.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card