Do TippingPoint devices inspect SSL traffic?

- Updated:
- 13 Aug 2019
- Product/Version:
- TippingPoint IPS N-series All
- TippingPoint IPS NX-series All
- TippingPoint IPS S-series All
- TippingPoint NGFW All
- TippingPoint SecBlade All
- TippingPoint TPS All
- TippingPoint Virtual TPS All
- Platform:

Summary

This article addresses TippingPoint devices and SSL traffic.

Details

A: TippingPoint devices inspect all traffic as long as said traffic is NOT encrypted. By definition, SSL traffic is encrypted, so while the device cannot inspect the encrypted traffic, it will attempt to do so, thus causing additional load on the system. It is a recommended best practice to utilize Inspection Bypass rules to bypass encrypted traffic.

If SSL traffic inspection is required, TippingPoint offers the Threat Protection System (TPS) family of devices. The TPS devices (with appropriate SSL license) decrypt SSL traffic between clients and site servers and sends decrypted traffic to the device for analysis. After inspection, the SSL traffic is re-encrypted and sent on its way.

Device support - the following TPS devices support SSL inspection:

T-Series (2200T)
TX-Series (5500TX, 8200TX, 8400TX)
Virtual Threat Protection System (vTPS) (performance mode only)

Rating:

Category:

Configure; Troubleshoot; Deploy

Solution Id:

TP000086707

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.