For intercepted SSL traffic, the ProxySG has the Encrypted TAP feature that could send decrypted SSL traffic through the TAP port(s).
Encrypted tap streams decrypted data from intercepted HTTPS or STunnel SSL transactions on client connections. The tap is performed simultaneously and on the same ProxySG appliance which is performing the Secure Web Gateway function. The data is presented in a format that can be understood by common network traffic analysis tools like Wireshark, common network intrusion detection systems such as Snort, and so on.
Encrypted Tap does not support VLAN.
MTU is fixed at 1500 bytes.
SSL protocol headers/records/details are not preserved.
Encrypted Tap is supported for forward proxy for STunnel and HTTPS, and for reverse proxy for HTTPS.
Imported Document ID: 000024895
Subscribing will provide email updates when this Article is updated. Login is required.