Easily and Selectively Inspect Encrypted HTTPS Traffic
As websites and cloud apps move to encrypted HTTPS connections, the need to inspect encrypted content is a critical capability to meet compliance, prevent malware and protect against data loss. Performing decryption with network appliances is expensive and does not scale. The iboss cloud performs this function in the cloud to inspect encrypted traffic at scale and with ease.
Although decrypting SSL/TLS HTTPS traffic is a necessity, the need to do so may need to be selectively controlled. For example, it may be desirable to avoid breaking HTTPS on highly trusted financial sites while decrypting traffic to destinations that host generic files, like Box or Dropbox. The iboss cloud provides a broad array of selective decryption options that allow certain traffic to be decrypted while leaving other traffic untouched.
These granular and selective controls on HTTPS decryption and bypass are critical in ensuring administrators have the tools they need to adequately apply web filtering, compliance, malware defense, botnet detection and data loss protection to users in the organization.
Inspect and Secure HTTPS Encrypted Traffic Easily in the Cloud
HTTPS decryption can be applied to specific users or groups of users on the network based on a user’s Active Directory Group, LDAP Security Group or Organization Unit (OU).
Specific destinations can be decrypted by specifying specific domains. Complete categories of websites can be decrypted or bypassed from decryption. Or, decryption can be applied to a network subnet or bypassed for the subnet altogether.
Encrypted SSL/TLS traffic continues to be on the rise. According to Google’s Transparency Report on HTTPS traffic, as of the end of the end of February 2020, 97% of all browsing time through the Chrome browser was over HTTPS encrypted connections. Virtually all data traveled to the cloud over encrypted data channels making it impossible to inspect and protect network data which is masked by the protected connection.