Sourcefire adds SSL inspection to intrusion prevention system

Sourcefire has introduced an SSL appliance to enable its intrusion prevention system (IPS) to inspect SSL-secured traffic.

The company claimed that the SSL Appliance decrypts traffic before sending it to the IPS, and the IPS can then optionally redirect the secure and visible traffic back to the SSL Appliance for re-encryption.

It also claimed that unlike on-box SSL decryption solutions that use shared hardware resources for inspection, Sourcefire's architecture permits the IPS and SSL processes to run on separate systems, offloading all encryption and decryption requirements from the Sourcefire IPS.

Greg Fitzgerald, senior vice president of marketing at Sourcefire, said: “SSL is the leading form of data encryption used by companies around the world to safeguard their communications, but for many organisations this has also created a significant hole in their protection efforts.

“With the SSL Appliance, Sourcefire is addressing this security blind spot. And by using separate purpose-built hardware for our SSL and IPS capabilities, the Sourcefire IPS can inspect and block malicious encrypted traffic without impacting IPS performance.”

Sign up to our newsletters