Deploying GigaSECURE Inline SSL Solution using Flexible Inline (6.2)
Introduction
In an enterprise network, one of the key challenges for a security tool is decrypting and inspecting SSL/TLS-encrypted traffic. The GigaSECURE Inline SSL solution can be deployed to decrypt traffic and forward the same decrypted traffic to one or more tools (inline or out-of-band). The solution can also take a copy of the traffic before and after inspection by a security tool. It is managed by GigaVUE-FM, which provides a single pane of glass for deploying, managing, and troubleshooting the solution. This solution can be deployed to:
- Decrypt the traffic destined for internal servers (inbound).
- Decrypt the traffic destined for the Internet (outbound).
- Feed copies of the decrypted traffic to out-of-band tools.
This Gigamon Validated Design illustrates deploying the GigaSECURE Inline SSL solution to:
- Decrypt hosted web applications (inbound mode).
- Enable inspection by an inline tool that cannot process Q-in-Q traffic (non-shared or tag-less mode).
- Decrypt both inbound and outbound traffic.
- Copy the decrypted traffic after inspection by the inline tools.
Figure 1 - Topology for GigaSECURE Inline SSL deployment to inspect internally hosted web applications
Figure 2 - Topology for GigaSECURE Inline SSL deployment using flexible Inline SSL
Design Overview
Consider the following scenarios:
- A Web Application Firewall (WAF) is deployed to inspect traffic to and from hosted web applications (Figure 1).
- An Intrusion Prevention System (IPS) and a WAF are deployed to inspect outbound and inbound Internet traffic, and a SIEM is deployed to monitor the decrypted traffic (Figure 2). Assume that the WAF cannot handle Q-in-Q traffic in this case.
To learn more about this solution, read the complete details on the Gigamon Community: Deploying-GigaSECURE-Inline-SSL-Solution-using-Flexible-Inline-6-2