You can't defend against threats you can’t see. By enabling decryption on your next-gen firewalls you can inspect and control SSL/TLS and SSH traffic so that you can detect and prevent threats that would otherwise remain hidden in encrypted traffic. Use the best practice guidelines in this site to learn how to plan for and deploy decryption in your organization.
Table of Contents
What Do You Want To Do?
Best Practice Decryption Profile: Internet Gateway
Best Practice Decryption Profile: Data Center
Decryption Profiles define the SSL Protocol settings the firewall accepts so you can protect against vulnerable, weak protocols and algorithms.
Prepare to Deploy Decryption
Proper preparation makes deploying decryption much easier and smoother because everyone from IT to executives to the user base is educated and ready for the changes.
Size the Firewall Decryption Deployment
Decryption consumes firewall CPU resources, so it’s important to evaluate the amount of SSL decryption your firewall deployment can support and decide what to do if you need more power to support your desired decryption deployment.