Deploying GigaSECURE Inline SSL Solution using Flexible Inline (5.11)

Introduction

In an enterprise network, one of the key challenges for a security tool is to decrypt and inspect SSL/TLS encrypted traffic. The GigaSECURE Inline SSL Solution can be deployed to decrypt traffic once and forward the decrypted traffic to one or more tools (inline or out-of-band). The solution can be deployed to

  • decrypt traffic destined to internal servers (inbound).
  • decrypt traffic destined to the Internet (outbound).
  • feed copies of the decrypted traffic to out-of-band tools.

The solution also enables taking a copy of traffic before and after inspection by a security tool. GigaVUE-FM provides a single pane of glass for deploying, managing, and troubleshooting the solution. This Gigamon Validated Design illustrates deploying the solution to

  • decrypt hosted web applications (inbound mode).
  • enable inspection by an inline tool that cannot process Q-in-Q traffic (non-shared or tag-less mode).
  • decrypt both inbound and outbound traffic.
  • copy the decrypted traffic after inspection by the inline tools.

Design Overview

Consider the following two scenarios:

  • A Web Application Firewall (WAF) is deployed to inspect traffic destined to and from hosted web applications (Figure 1).
  • An Intrusion Prevention System (IPS) and a WAF are deployed to inspect outbound and inbound Internet traffic, and a SIEM is deployed to monitor the decrypted traffic (Figure 2). Assume the WAF cannot handle Q-in-Q traffic.

Figure 1: Topology for GigaSECURE Inline SSL deployment to inspect internally hosted web applications


Figure 2: Topology for GigaSECURE Inline SSL deployment using flexible Inline SSL

To learn more about this solution, read complete details on the Gigamon Community: Deploying GigaSECURE Inline SSL Solution using Flexible Inline (5.11).