Deploying GigaSECURE Inline SSL Solution using Flexible Inline (6.2)

Introduction

In an enterprise network, one of the key challenges for a security tool is decrypting and inspecting SSL/TLS encrypted traffic. The GigaSECURE Inline SSL solution can be deployed to decrypt that traffic and forward the decrypted traffic to one or more tools (inline or out-of-band). The solution also makes it possible to take a copy of the traffic before and after inspection by a security tool, and it is managed by GigaVUE-FM, which provides a single pane of glass for deploying, managing, and troubleshooting the solution. The solution can be deployed to:

  • Decrypt the traffic destined for internal servers (inbound).
  • Decrypt the traffic destined for the Internet (outbound).
  • Feed copies of the decrypted traffic to out-of-band tools.

This Gigamon Validated Design illustrates deploying the GigaSECURE Inline SSL solution to:

  • Decrypt hosted web applications (inbound mode).
  • Enable inspection by an inline tool that cannot process Q-in-Q traffic (non-shared or tag-less mode).
  • Decrypt both inbound and outbound traffic.
  • Copy the decrypted traffic after inspection by the inline tools.

Figure 1 - Topology for GigaSECURE Inline SSL deployment to inspect internally hosted web applications


Figure 2 - Topology for GigaSECURE Inline SSL deployment using flexible Inline SSL

Design Overview

Consider the following scenarios wherein:

  • A Web Application Firewall (WAF) is deployed to inspect traffic destined to/from hosted web applications (Figure 1).
  • An Intrusion Prevention System (IPS) and a WAF are deployed to inspect outbound and inbound Internet traffic, and a SIEM is deployed to monitor the decrypted traffic (Figure 2). Assume that the WAF cannot handle Q-in-Q traffic in this case.

To learn more about this solution, read complete details on the Gigamon Community: Deploying-GigaSECURE-Inline-SSL-Solution-using-Flexible-Inline-6-2