Decryption Broker Concepts

A firewall acting as a decryption broker uses dedicated decryption forwarding interfaces to send decrypted traffic to a security chain—a set of inline, third-party security appliances—for additional analysis. Two types of security chain networks are supported with a decryption broker (Layer 3 security chains and Transparent Bridge security chains), and you can also choose for the firewall to direct traffic through the security chain unidirectionally or bidirectionally. A single firewall can distribute decrypted sessions among up to 64 security chains, and can monitor security chains to ensure that they are effectively processing traffic.

Related Documentation