Skip to main content Skip to search
Get a Free Trial
Blog

Three Misconceptions of Breaking and Inspecting SSL Traffic

There are a lot of misconceptions about breaking and inspecting SSL (Secure Sockets Layer) traffic. So much so that some companies elect to go without the ability altogether.

In this video, A10 Senior Federal Lead SE James Schweitzer separates fact from fiction when it comes breaking and inspecting encrypted traffic and highlights the benefits of a dedicated SSL/TLS decryption solution like A10 Thunder SSLi:

Performing break and SSL inspect will have a performance impact

Misconception #1

A10 has a legacy of performance and scale with our ADC solutions, which weโ€™ve applied to SSL break and inspect with A10 Thunder SSLi to ensure it has no negative impact on performance. Users wonโ€™t experience delays and they wonโ€™t be unhappy. And, A10 Thunder SSLi will increase security posture by providing traffic decryption. Itโ€™s a win-win.

To properly break and inspect encrypted traffic, an organization must rip and replace its existing security architecture

Misconception #2

A10 offers versatile deployment options โ€“ in Layer 2 or Layer 3 โ€“ for companies that are already doing some break and inspect and companies that arenโ€™t doing it at all. If your company has web proxies, transparent or explicit, we want to work with you and let you know you donโ€™t have to re-architect your entire network and you donโ€™t have to rip and replace your security infrastructure to properly break and inspect SSL traffic.

Breaking and inspecting encrypted traffic puts your keys at risk

Misconception #3

A10 implements a hardware security module (HSM) and can support up to four HSMs on A10 Thunder SSLi. HSMs are a one-way trap door where we can take keys in and they canโ€™t be extracted even with physical access to the device, ensuring keys are not at risk.

For more information on A10 Thunder SSLi, download the data sheet and request a live demo today.