3 Replies Latest reply: Sep 23, 2013 5:14 PM by gfergus1

    SSL decryption for a local hosted server?



      We have a hosted server which is accessible from the outside and is using a domain name cert for SSL connections. I want to decrypt the connections to be inspected for this specific server. I saw some articles, but I guess they are talking about SSL decryption for all the connections.

      I don't want sensor performance to be degraded by enabling it globally; I need the SSL decryption just for this specific server.

      Note that it's a virtual server.


        • 1. Re: SSL decryption for a local hosted server?

          Enabling the SSL decryption feature is a global option, but the SSL decryption will only happen for inbound connections where the certificate is loaded on the sensor and the connection matches the certificate.

          There should be minimal impact on sessions where the certificate is not loaded.

          • 2. Re: SSL decryption for a local hosted server?

            So no need to make any other changes in configuration, right?

            Bear in mind that the server that I want to offload is Citrix for application acceleration (client to server), and Citrix uses bitmap.

            Will I have any additional security from McAfee IPS by decrypting such a connection? Or is just enabling the signatures related to Citrix enough to protect my server without decryption?

            Thanks again.

            • 3. Re: SSL decryption for a local hosted server?

              No further changes are necessary. You may want to keep an eye on sensor performance dashboards in the threat analyzer, as the SSL decryption could add some additional load, but I wouldn't expect a lot from one server.

              The SSL decryption will allow all HTTP-based attacks that require clear text for detection to be used against the SSL server.