07-31-2015 01:27 AM - edited 02-21-2020 05:32 AM
I want to know what options exist in Cisco platforms for the following scenario:
We are looking to update the infra which currently houses a Linux box working as a reverse proxy with mod sec, which does application layer inspection. The box later re-encrypts traffic when it is leaving the box to be sent to the actual targeted server. So, this one box is configured to perform both termination and inspection of traffic.
The new hardware we are looking for must have an option which is equivalent in purpose (termination and inspection) but improved in terms of sec high end performance and which also gives more attack coverage.
So the requirements are to perform:-
Please let me know if more explanation is required and how I can improve my question if required.
Thanks.
07-31-2015 06:29 AM
There are two available Cisco solutions for this in the current portfolio (not including the discontinued ASA CX module add-on NGFW):
1. Cisco Web Security Appliance (WSA).
2. Cisco FirePOWER appliance (only the hardware appliances - not the FirePOWER modules on ASA (yet)).
07-31-2015 07:24 AM
Thanks Marvin,
In both of the above solutions, would I have the ability to re-encrypt traffic as well, or is it decrypt, inspect and forward only? Thanks.
07-31-2015 07:30 AM
In both cases, the Cisco products use a trusted certificate issued by a private Certificate Authority to terminate the SSL sessions requested by the clients. It re-encrypts the flow as it passes to the target servers.
07-31-2015 12:04 PM