What is Thunder SSLi?
The A10 Thunder® SSLi® (SSL Insight) solution decrypts traffic on all ports, enabling third-party security devices to analyse all enterprise traffic without compromising performance. Thunder SSLi improves the performance of the security infrastructure by decrypting traffic and forwarding it to one or more third-party security devices, such as a deep packet inspection (DPI) firewall. Thunder SSLi re-encrypts the traffic and forwards it to its destination. Response traffic is also inspected in the same way. Thunder SSLi eliminates the so-called 'blind spot' problem posed by SSL encryption by offloading the CPU and SSL decryption and encryption functions from third-party security devices, while ensuring compliance with privacy standards.

Features and functions
Why use Thunder SSLi?
Eliminating blind spots in the security infrastructure
By offloading decryption and encryption, Thunder SSLi enables hidden threats to be detected and stopped, maximising the effectiveness of security solutions already in place, regardless of their type or deployment model.
Reducing operating costs
Thunder SSLi offers a centralised point for decrypting enterprise traffic, passing it to multiple security devices. This reduces the load on each security device, improving performance while maintaining security due diligence. The solution also eliminates the need to purchase larger security appliances just to support resource-depleting decryption and encryption functions.
Simplifying operations and security management
A wizard-based configuration, deployment and management tool, AppCentric Templates make Thunder SSLi the easiest-to-use decryption solution in the industry. With intuitive dashboards, organisations can easily track their network activity. The system also includes an industry-standard CLI, web-based user interface and RESTful API that integrates with external or custom management consoles.
Flexible implementation
Thunder SSLi can be deployed in virtual-wire, L2 or L3 mode and as an embedded transparent proxy or a regular proxy. It offers support for embedded L2/L3 third-party security devices and embedded ICAP for direct connection to DLP systems.
Certificate verification
Attackers can use invalid certificates to infiltrate networks. If these attacks are not blocked, users may be exposed to multiple attacks. Thunder SSLi helps the system confirm the validity of certificates received from the server by supporting Certificate Revocation List (CRL) and Online Certificate Status Protocol (OCSP). These help verify that a certificate is valid.
Ensuring compliance and privacy
Thunder SSLi facilitates compliance with security and privacy standards such as HIPAA, PCI DSS, GDPR (RODO) or NIS2, among others, by maintaining detailed, policy-based control over network traffic and ensuring user privacy through traffic categorisation.
Traffic decryption for all security devices
To secure a corporate network well, against both internal and external threats, organisations need the help of various security devices. The Thunder SSLi solution works with a variety of ICT security platforms to ensure that the entire network is protected against encrypted threats. These include UTM (Unified Threat Management), NGFW (Next Generation Firewall), IPS (Intrusion Prevention System), DLP (Data Loss Prevention), SWG (Secure Web Gateway) or SEG (Secure E-mail Gateway) solutions.
Key features and functions of Thunder SSLi
Decryption on multiple ports and protocols
With dynamic port inspection, Thunder SSLi decrypts traffic on all TCP ports. Decryption for protocols such as STARTTLS, XMPP, SMTP and POP3 is also supported. Decryption is not limited to SSL/TLS-encrypted traffic, however: decryption of SSH traffic is also supported.
Support for multiple ciphers
With dedicated SSL acceleration hardware, Thunder SSLi delivers high performance at 2048-bit and 4096-bit key sizes, while supporting multiple cipher suites, including DHE and ECDHE, for Perfect Forward Secrecy (PFS) support.
URL filtering for access control
URL filtering is used to maximise employee productivity and reduce risk by blocking access to malicious websites, including malware, spam and phishing sources.
Support for ICAP
Data loss prevention (DLP) systems typically use ICAP to connect to the network and prevent unauthorised data leakage. Thunder SSLi supports ICAP connectivity simultaneously with other decryption modes.
Full proxy architecture
Thunder SSLi acts as a full proxy, allowing customisation of the choice of cipher suite for encryption. Thunder SSLi can renegotiate another cipher suite of similar strength, making the solution adaptable to new ciphers or versions of TLS that may be introduced to the network without notice. Thunder SSLi can ensure that traffic is encrypted using the most secure encryption methods, eliminating the use of compromised ciphers.
URL classification for selective decryption
Thunder SSLi URL classification categorises traffic across more than 460 million domains, selectively bypassing traffic decryption to enforce privacy policies so that private/sensitive data (e.g. medical or financial records) is not decrypted, in line with compliance standards such as HIPAA.
Load balancing of security devices
By supporting load-balancing, Thunder SSLi significantly increases the performance of firewalls and other security devices. It easily adds security capabilities and extends the life of existing security devices. Flexible, weighted traffic priorities can be assigned.
Recognition and control of application traffic
The system identifies and categorises application-level traffic, enabling more detailed controls and policies to be defined, with visibility and control of applications. Together with comprehensive user and group awareness, this provides deep insight into application traffic for effective security planning and sanctioning of permitted business applications.