Provides high-performance decryption and encryption of outbound SSL/TLS traffic and supports dynamic, policy-based management and steering of traffic to security devices.
Today, the percentage of SSL traffic exceeds 70 percent, and that percentage is increasing. Between one-half and three quarters of attacks cloak their communications in that encrypted traffic. So, if you’re not inspecting that traffic, you will miss attacks, leaving your organization vulnerable to data breaches.
Visibility into encrypted traffic is key to securing your data. SSL Orchestrator provides high-performance decryption and encryption of outbound SSL and TLS traffic.
SSL Orchestrator gives you visibility into SSL traffic with centralized decryption across multiple security tools—web application firewalls (WAFs), data loss prevention (DLP) tools, intrusion detection systems (IDS), intrusion prevention systems (IPS), malware analysis tools, and more. It bridges the gaps between point solutions, which often aren’t designed to work together, in a scalable way.
SSL Orchestrator lets you target a selected chain of security devices based on policies you set around traffic characteristics. It helps you get the most value from the entire security stack while also making it simpler to manage, since management is centralized on a single device.
With SSL Orchestrator, you gain operational efficiencies and scale, while making sure the security tools you already have in place are working together to reduce risk.
SSL Orchestrator supports multiple deployment models—inline layer 3, inline layer 2, ICAP services, and more—so it’s easy to integrate into even complex infrastructures.
Provides SSL decryption and re-encryption, strong cipher support, and support for one- and two-box deployments.
Provides service insertion, service resiliency, service monitoring, and load balancing.
Supports geolocation, IP reputation, URL categorization, and source and destination intelligence.
Header changes, support for port translation, and robust proxy-level control over ciphers and protocols.
Supports inline layer 3, Inline layer 2, ICAP services, and receive-only modes.
F5 partners with many of the world’s leading security companies, creating an ecosystem that strengthens security, increases scale and availability, and lowers operational costs for everyone. The integration and interoperability that our close collaboration fosters benefits all of our joint customers.
Cisco ASA FirePOWER >
FireEye NX >
Palo Alto Networks Next-Gen Firewall Solution >
Symantec DLP >