Cover-Photo

SSL Inspector

More and more Internet traffic is being encrypted using HTTPS, which creates a huge blindspot for firewalls. It compromises their ability to analyze traffic, identify threats or handle policy violations.

 

SSL Inspector solves this problem. Whether it is driven by concerns about personal privacy, or the rise of web applications like Salesforce, Netflix and Facebook, the amount of encrypted Internet traffic has exploded. SSL Inspector puts NG Firewall in the middle of the encrypted traffic, with the ability to decrypt and analyze the data as it passes through.

 

SSL Inspector creates a specialized certificate on each client. This certificate communicates directly with the gateway which is then able to decrypt HTTPS and SMTP traffic, process, and re-encrypt it on the fly all from within NG Firewall—without ever exposing the decrypted traffic to the network. This enables HTTPS traffic to be inspected in the same way as regular HTTP traffic, meaning that all NG Firewall apps and their rules can be applied.

 

Get SSL Inspector

Full decryption of HTTPS and SMTP allowing web traffic to be scanned.

Starting at $10.00 a month!

Buy Now

14-Day Free Trial

Not ready to buy? Try it in your network risk-free.


For the client authenticity checks to be successful, the client must be configured to trust the root certificate used by the Untangle server to sign the man-in-the-middle certificates. The Configuration tab provides you with many options and protocols to help.


The Rules tab lists all the rules you have in place. You can specify explicit rules to Inspect or Ignore HTTPS traffic.


Adding a rule is simple. Just select the type, value and appropriate action to take: Ignore or Inspect.


The Reports tab provides a view of all the reports and events for all traffic handled by SSL Inspector. This reports shows the number of inspected sessions over the specified period of time. You can drill-down to see which sessions were inspected.


Configuration

For the client authenticity checks to be successful, the client must be configured to trust the root certificate used by the Untangle server to sign the man-in-the-middle certificates. The Configuration tab provides you with many options and protocols to help.


Rules

The Rules tab lists all the rules you have in place. You can specify explicit rules to Inspect or Ignore HTTPS traffic.


Add a Rule

Adding a rule is simple. Just select the type, value and appropriate action to take: Ignore or Inspect.


Reports

The Reports tab provides a view of all the reports and events for all traffic handled by SSL Inspector. This reports shows the number of inspected sessions over the specified period of time. You can drill-down to see which sessions were inspected.


We have been using Untangle for the last few years and love it. Ranga Subasinghe, Huntingtower School
The product runs itself. I can rest assured all my networks are protected against all types of attacks. Joe Sloan, Admiral Farragut Academy

Features

  • Requires issuance of a new certificate on each client to avoid browser warnings.
  • Can be configured to analyze some traffic while passing through the rest.
  • Fully decrypt SMTP over SSL to allow Web Filter to block/flag sites, Application Control to apply rules to users, and Spam Blocker to scan SMTP.