On Sun, Jan 18, 2015 at 7:29 AM, Grant Ridder <shortdudey123@gmail.com> wrote:
I wanted to see what opinions and thoughts were out there. What software, appliances, or services are being used to monitor web traffic for "inappropriate" content on the SSL side of things? personal use? enterprise enterprise?
Hi Grant, Fidelis Security (part of GD) does this for USG customers. Good guys with a strong, scalable product. http://www.fidelissecurity.com/ Basically, all internal web browsers get a custom CA which authenticates a re-signing cert. HTTPS traffic is decrypted by an IDS agent, examined and then re-encrypted with the resigning cert. You have to decide for yourself whether you really want to examine your users' HTTPS traffic. It does create a rather hostile work environment for the folks you're playing big brother to. Not quite camera-in-the-men's-room hostile but hostile enough to deter quality staff from seeking and maintaining employment. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/> May I solve your unusual networking challenges?