Solved

Blue Coat: SSL Interception

Posted on 2011-02-23
2
1,431 Views
Last Modified: 2012-05-11
What exactly does the SSL Interception do? I understand how it works, however what does Blue Coat do with the decrypted traffic.

Thanks.

0
Comment
Question by:NYGiantsFan
2 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 250 total points
ID: 34968149
This provides some input:
https://forums.bluecoat.com/viewtopic.php?f=1&t=6609

Thank you.
0
 
LVL 62

Assisted Solution

by:btan
btan earned 250 total points
ID: 34986023
thought you would check out my replies to learn more of SSL intercept
@ http://www.experts-exchange.com/Security/Encryption/Q_26691453.html?cid=1065#a34434902

Since you are aware of the SSL Interception, I will not delve into that, and in particular for Bluecoat, it actually has two mode namely the transparent and explicit mode - I see it as passive and active enforcement check. The key is typically the decrypted traffic is needed to scan for exploits and malicious content such as shellcode and etc. Bluecoat help to intercept and decrypt the traffic so that other server such as AV Server, DLP Server and etc can perform their checks and alert back to trigger alarm. Bluecoat provides such facilities and actually if you have other proxy server and can pass on the decrypted (or even encrypted) traffic for staged processing depending on deployment need. Basically, Bluecoat just wanted to do due diligence in content filtering and it need such visibility - additional support or scanning can be offload ...

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now