Enterprise SSL Decryption

Decrypt SSL traffic on the fly up to 20 Gbps.

The ExtraHop SSL Expansion Kit performs real-time decryption and analysis of SSL-protected traffic, enabling IT teams to manage application performance in secure environments and performs audits of ciphers, key lengths, and certificates.

As enterprises increasingly adopt stronger SSL encryption for more of their application traffic, they struggle to monitor network and application performance in secure areas of their environment. According to the May 2011 Palo Alto Networks Application Usage and Risk Report, more than 40 percent of business applications can use SSL and roughly 36 percent of network traffic is secured with SSL encryption. Traditional software-driven SSL decryption cannot keep up with this growing workload.

Monitor Real-Time Application Performance in Secure Environments

The ExtraHop SSL Expansion Kit restores visibility into this secure traffic, using cryptographic acceleration hardware to decrypt and analyze SSL-protected traffic in real time at speeds up to a sustained 20Gbps. Equipped with the ExtraHop SSL Expansion Kit, IT teams can achieve unprecedented results:

  • Decrypt and analyze SSL-protected traffic for most cipher suites
  • Offload SSL decryption to specialized hardware to perform bulk decryption at 20Gbps and up to 35,000 SSL handshakes per second for 2048-bit keys and 200,000 SSL handshakes per second for 1024-bit keys
  • Support variable key lengths, up to 2048-bit keys as recommended by the U.S. National Institute of Standards and Technology
  • Provide SSL envelope analysis for easier encryption management, including audits of ciphers, key lengths, and certificates