Because all communication is funneled through SSL Orchestrator, it also serves as a strategic point of control where policies addressing operational risk (performance, availability, and security) are enforced. Within the decryption zone, security devices like Palo Alto Networks NGFW can access the data to detect and mitigate hidden threats like malware.į5’s advanced SSL/TLS decryption technology, strong cipher support, and flexible architectures help you optimize the use of resources, remove latency, and add resilience to your security inspection infrastructure. This system reference architecture covers the different ways of structuring F5® SSL Orchestrator® and Palo Alto Networks Next-Gen Firewall (NGFW) across network topologies while also addressing visibility, privacy, and regulatory compliance challenges.į5 SSL Orchestrator sits between the IT infrastructure and the Internet, creating a decryption zone which you can use for inspection. In addition to SSL/TLS visibility challenges and the fragmented nature of the security stack, enterprises are finding it challenging to design a comprehensive security strategy with any longevity. The decryption and encryption of data by different security devices, like Palo Alto Networks Next-Gen Firewall (NGFW), can potentially increase overhead and latency. Today’s pervasive encryption means threats are hidden and invisible to security inspection unless traffic is decrypted. (For reference, see the 2019 TLS Telemetry Report Summary from F5 Labs).
Data moving between clients (computers, tablets, phones, and so on) and servers is predominantly encrypted with Secure Sockets Layer (SSL) or the more modern, more secure Transport Layer Security (TLS).
0 kommentar(er)
