To assure the security of sensitive data when being transmitting over networks, more and more websites adopt SSL encryption to protect their information. For the traditional security devices, they cannot scan the encrypted data, therefore cannot identify and filter the data. To address this problem, system provides the SSL proxy function to decrypt SSL encrypted traffic. With the combination of SSL proxy and web content, web post, and email filter, security appliance can audit the HTTPS actions for the users. Below is the illustration of the SSL proxy function:
As shown above, the SSL proxy function replaces the certificates of encrypted websites with the SSL proxy certificate to get the encrypted information. During the process, the security appliance acts as a SSL client and SSL server to establish connections to the Web server and Web browser respectively. The SSL proxy certificate is generated by using the device's local certificate and re-signing the website certificate.
Related topic: