The security industry has shifted its focus to the client side. Malware and other malicious programs are increasingly being installed unknowingly on client computers where they can replicate to other clients, and relay information to malicious entities. Security vendors provide tools to detect and mitigate these problems by inspecting the traffic between client and the untrusted side of the network (the Internet).
At the same time, most online web services or cloud applications now use TLS/SSL to secure the session with the client. While this is a good strategy for many reasons, it introduces a problem for active traffic inspection tools—the information is encrypted and thus, unreadable.
A10's SSL Intercept feature addresses this problem by decrypting traffic and forwarding it through a 3rd party security device (for example, a firewall) for deep packet inspection and then securely forwarding on to its destination.
Many security devices such as firewalls, intrusion protection systems and anti-virus protection devices are built to perform in-depth traffic analysis of unencrypted flows, and make policy decisions.
These devices usually are not designed to inspect SSL traffic because the content is encrypted. Some devices offer internal SSL decryption/encryption support but usually the performance requirements are not satisfied. A10 Networks "SSL Intercept" solution allows security devices to inspect SSL content by offloading CPU-intensive encryption and decryption tasks from the security devices to A10 ADCs
High performance with SSL acceleration hardware:
A10 ADCs with powerful SSL security processors can significantly improve the performance of your critical business applications and services by managing multiple secure connections simultaneously with exceptional SSL CPS rates. With SSL acceleration hardware, the Thunder device has near parity performance for the upgrade to 2048-bit key sizes, and has the extreme power needed to handle 4096-bit keys at high performance production levels.