Last updated on: 2018-11-12
Authored by: Nick Shobe
Many applications terminate Secure Sockets Layer (SSL) and Transport Layer Security (TLS) at the network edge with a load balancer or web application firewall. If your application uses end-to-end encryption, then we need a copy of the SSL keys and certificates to decrypt traffic on your Network-based Intrusion Detection (NIDS) appliances. In cases where end-to-end encryption is in use and decryption is not working, our Security Operations Center (SOC) will not be able to detect network threats embedded in the SSL and TLS traffic. To enable decryption, the following information is required:
Because the Alert Logic® Threat Managers™ that we use to provide our NIDS solution do not support Diffie-Hellman for decryption, you must disable DH for your applications. For more information, see Alert Logic and Diffie-Hellman.
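One way to check a server's cipher list for suites that rely on Diffie-Hellman before handing over keys, as an added example (not Alert Logic or Rackspace tooling; the function names and the sample list are constructed for illustration). It assumes an expanded list of suite names, such as the output of `openssl ciphers`, and also flags TLS 1.3 suites because TLS 1.3 has no RSA key exchange.

```python
import re

# Key-exchange tokens that indicate Diffie-Hellman (ephemeral, static or anonymous).
DH_TOKENS = {"DHE", "EDH", "ECDHE", "DH", "ECDH", "ADH", "AECDH"}


def key_exchange(suite):
    """Classify one suite name (OpenSSL or IANA style) by its key exchange."""
    s = suite.strip().upper()
    if s.startswith("TLS_"):
        if "_WITH_" not in s:
            return "TLS1.3"  # e.g. TLS_AES_128_GCM_SHA256: no RSA key exchange exists
        tokens = s[4:].split("_WITH_")[0].split("_")  # TLS_<KX>_<AUTH>_WITH_...
        default = "OTHER"
    else:
        tokens = s.split("-")  # <KX>-<AUTH>-<CIPHER>-...
        default = "RSA"  # OpenSSL names omit the prefix for RSA key exchange (AES128-SHA)
    if tokens[0] in DH_TOKENS:
        return tokens[0]
    if "PSK" in tokens[:2] or tokens[0] in ("SRP", "KRB5"):
        return "OTHER"
    if tokens[0] == "RSA":
        return "RSA"
    return default  # assumption: unrecognised OpenSSL-style names are RSA key exchange


def dh_suites(cipher_list):
    """Return (name, key_exchange) for every suite that a private-key-based
    decryptor cannot handle, from a ':' / ',' / whitespace separated list."""
    names = [n for n in re.split(r"[:,\s]+", cipher_list) if n]
    blocked = DH_TOKENS | {"TLS1.3"}
    return [(n, key_exchange(n)) for n in names if key_exchange(n) in blocked]


# Constructed sample list mixing OpenSSL-style and IANA-style names.
SAMPLE = (
    "ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:"
    "AES256-SHA:TLS_AES_128_GCM_SHA256:TLS_RSA_WITH_AES_128_CBC_SHA"
)

if __name__ == "__main__":
    for name, kx in dh_suites(SAMPLE):
        print(f"{name}: key exchange {kx}, disable for NIDS decryption")
```

Suites it does not report in the sample use RSA key exchange; whether a given one is decrypted still depends on the supported list referenced below.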
The following cyphers are supported with NIDS decryption:
For more information, see Alert Logic Supported Cyphers.