Products AirMagnet Enterprise WiFi Analyzer Survey Planner Spectrum XT AirMedic USB VoFi Analyzer Handheld Analyzer Express Field Kit Codima Technologies Toolbox All In One IT Inventory & Mapping Toolbox IT Engineer Toolbox VoIP Readiness Toolbox VoIP Monitoring & Troubleshooting Toolbox Fluke Networks Datacom Cabling - Copper Certification and Testing DTX CableAnalyzer Series LinkWare Cable Test Management Software LinkWare Stats CableIQ Residential Qualifier CableIQ Qualification Tester MicroScanner Cable Verifier MicroMapper - Fiber Certification and Testing OptiFiber OTDR DTX CableAnalyser Series DTX-CLT CertiFiber Optical Loss Test Set FiberInspector Pro FiberViewer FiberInspector Mini SimpliFiber Pro Optical Power Meter and Fiber Test Kits SimpliFiber Optical Loss Test Kits Fiber Optic Cleaning Kits CertiFiber VisiFault Visual Fault Locator - Datacom Installation Tools Tool Kits Punchdown Tools and Blades Hand Tools Toners and Probes - IntelliTone Pro Toner and Probe - Pro3000 Analog Tone and Probe Basic Cable Testers Telephone Test Sets IT Networking - Monitoring, Analysis and Troubleshooting Network Time Machine ClearSight Analyzer OptiView XG Network Analysis Tablet NetAlly Application Advisor OptiView NetFlow Tracker OptiView Management Appliance with Reporter Tap Solutions - Test and Troubleshoot OptiView XG Network Analysis Tablet EtherScope Series II Network Assistant AirCheck Wi-Fi Tester NetTool Series II Inline Network Tester LinkRunner Pro & Duo Network Multimeter CableIQ Qualification Tester LinkRunner Network Multimeter IntelliTone Pro Toner and Probe - WLAN Security and Analysis AirMagnet Enterprise AirMagnet WiFi Analyzer AirMagnet Survey AirMagnet Planner AirMagnet Spectrum Analyzer AirMagnet VoFi Analyzer AirMedic OptiView XG Network Analysis Tablet Palo Alto Networks Core Technologies - App-ID - User-ID - Content-ID Platforms - PA-5000 Series - PA-4000 Series - PA-2000 Series - PA-500 Features Visual Network Systems Visual Performance Manager VPM Xpress NetFlow Tracker VSS Monitoring Distributed Taps Protector Series ObjectFinder Series Traditional Taps Solutions AirMagnet 24x7 WLAN IDS/IPS and Management WLAN Management Tools WLAN Design WLAN Voice 802.11n Solution Compliance Center Codima Technologies British Telecom Ireland SkyWave Inc. Japan The CCMUA Network Philadelphia Museum of Art Fluke Networks Cabling Designers and Consultants Cable Installation Technician Designing & Implementing Application Services Industrial Ethernet LAN System Integrator Managing Service Provider Networks Managing, Monitoring and Troubleshooting Application Performance Network Engineer Network Technician Service Provider Technician Palo Alto Networks Identify & Control Applications Prevent Threats Simplify Security Infrastructure Visual Network Systems Network Performance Application Performance VoIP Performance VSS Monitoring Best Practices IntelliScale Architecture Span Port Contention 10G Networks vAssure Gigabit Copper Failsafe Tool Load Balancing Microburst Detection Speed Up Security POCs Promotions Info Centre On-Demand Webcasts White Papers Case Studies News and Events News Events Live Webcasts Company Contact Us   Home > Products > Palo Alto Networks > Identify & Control Encrypted Traffic         Identify & Control Encrypted Traffic       Encryption can be a double edged sword, protecting legitimate traffic on one hand, while hiding illicit activity on the other. Using policy-based decryption and inspection, administrators can ensure that SSL and SSH are being used for business purposes as opposed to propagation of threats or unauthorized data transfer.     Identify, control and inspect outbound SSL traffic. Policy based identification, decryption, and inspection of inbound SSL traffic (from outside clients to internal servers) can be applied as a means of ensuring that applications and threats are not hiding within SSL traffic. Server certificate and private key are installed on the Palo Alto Networks next-generation firewall to achieve the decryption. By default, SSL decryption is disabled.   Identify, control and inspect inbound SSL traffic. Policy-based identification, decryption and inspection of outbound SSL traffic (from users to the web) can be applied as a means of ensuring that applications and threats are not hiding within SSL traffic. A man-in-the-middle approach is used where device certificates are installed in the user's browser. By default, SSL decryption is disabled.   Identify and control SSH traffic. Administrators can perform policy-based identification and control of SSH tunneled traffic. A man-in-the-middle approach is used to detect port forwarding or X11 forwarding within SSH as an ssh-tunnel, while regular shell or scp and sftp access to the remote machine is reported as ssh. By default, SSH decryption is disabled.   Learn More         Copyright © 2011 Bitrate (Pty) Ltd.