How to Offload Decryption from Security Tools

Get quote
Vision X Network Packet Broker
+ Vision X Network Packet Broker
Vision X Network Packet Broker
+ Vision X Network Packet Broker

Integrating TLS / SSL decryption into the visibility layer

Offloading decryption from security tools such as firewalls and intrusion detection systems (IDS) requires finding a more cost-effective approach to looking for threats encrypted within security protocols. Integrating decryption within a network packet broker ensures efficient traffic inspection, improving security tool utilization by up to 75%, leaving more capacity available to inspect payloads and uncover threats. By relieving the strain on security tools, offloading decryption to a visibility layer avoids investments in standalone transport layer security (TLS) / secure sockets layer (SSL) decryption devices and streamlines security operations workflows.

Configure the packet broker to decrypt traffic captured from the network before processing and sending it to monitoring tools. This lets analysts see inside every packet while freeing up firewalls to do what they’re built to do — protect the network perimeter. Once network traffic gets decrypted at the visibility layer, multiple security tools can inspect the content without re-encrypting and decrypting traffic data several times. This streamlined decryption workflow avoids delays in detecting new threats to improve a business’s security posture as the network infrastructure scales.

Integrated inline decryption solution

Integrated inline decryption solution

Offloading decryption requires intelligent packet brokers to perform advanced packet processing with zero packet loss. Keysight Vision network packet broker appliances decrypt and filter traffic by application before sending data to multiple monitoring and detection tools. Vision packet brokers remove duplicate packets and filter out other unwanted data to further improve security tool utilization. Processing in hardware delivers the capacity needed to perform multiple advanced visibility functions – like decryption and deduplication—at the same time. Application intelligence provided by the packet broker further reduces reliance on SIEM tools used to correlate decrypted data for analysis. Keysight’s external bypass switches add failsafe resilience to make sure everything inline always stays online.
Get quote

Explore products in our integrated inline decryption solution

Related use cases

How to Monitor Virtual Network Environments
Stage 6: Operations

How to Monitor Virtual Network Environments

Monitoring virtual environments requires adding virtual tapping, processing and filtering for a complete observability. Maintaining vendor-agnostic observability in any cloud environment improves performance and reduces risk without disrupting production networks.

Learn more keysight-arrow

How to Get Visibility into the 5G Core
Stage 6: Operations

How to Get Visibility into the 5G Core

Gaining insight into the 5G core to troubleshoot quality of service (QoS) requires integrating virtual tapping (vTap) into a shared visibility fabric. Learn how to use network packet brokers (NPBs) to decrypt traffic and gain event sequencing and health metrics for monitoring probes.

Learn more keysight-arrow

How to Automate Command and Control Systems Testing
Stage 4: System Validation

How to Automate Command and Control Systems Testing

Automating command and control testing requires a non-invasive tool to enable full system testing without requiring access to the source code and preserve the integrity of highly sensitive C2 environments. Learn how to test mission-critical systems securely.

Learn more keysight-arrow

contact us logo

Get in touch with one of our experts

Need help finding the right solution for you?

Contact us