>
    TLS 1.3 and PubSub Support for Traffic Replication
    Focus
    Download PDF
    Focus
    1. Home
    2. What's New in the NetSec Platform
    3. What's New in the NetSec Platform
    4. September 2024
    5. TLS 1.3 and PubSub Support for Traffic Replication
    Download PDF
    What's New in the NetSec Platform

    TLS 1.3 and PubSub Support for Traffic Replication

    Table of Contents

    TLS 1.3 and PubSub Support for Traffic Replication

    Traffic replication supports TLS 1.3 and PubSub notifications.
    If you're a large organization using Traffic Replication, you can have the following challenges in deploying and using it:
    • Tools that consume the packet capture (PCAP) files require frequent queries of the buckets to cope with a large number of PCAP files. The tools might create overhead on the buckets and their use might be limited by the cloud providers.
    • When using the PCAP files for forensic analysis, accessing SSL decrypted traffic provides better efficacy, and a significant amount of the traffic is TLS 1.3 encrypted.
    To solve these issues, Prisma Access offers these enhancements that allow third-party tools to be more efficient and easier to scale:
    • Pub/Sub Notifications—Prisma Access proactively sends a Pub/Sub notification when a new PCAP file is uploaded to the storage bucket. Using Pub/Sub notifications for new PCAP files eliminates the need to develop tools that notify you when there are new files in the buckets.
    • TLS 1.3 Decryption Support—Prisma Access uses TLS 1.3 when decrypting PCAP files, thus providing deeper visibility into the traffic. This support applies to remote network deployments where you have enabled the use of SSL/TLS decryption policy rules on PCAP files.

    © 2024 Palo Alto Networks, Inc. All rights reserved.