 |
Important
To use TLS traffic inspection, your Deep Discovery Inspector appliance must support inline deployment. For details, see
the Installation and Deployment Guide.
|
Use TLS traffic inspection with Deep Discovery Inspector deployed inline to decrypt and inspect TLS traffic. TLS traffic
inspection supports IPv4, VLAN, and TLS. When Deep Discovery Inspector is deployed inline and
TLS traffic inspection is not enabled, traffic flowing through the inline ports is
not
inspected.
Deep Discovery Inspector does not support inline
and out-of-band deployment at the same time. To inspect traffic, you must either enable
TLS traffic inspection and use the inline ports, or disable TLS traffic inspection
and
mirror traffic to the data ports.
Deep Discovery Inspector does not have the
ability to block traffic. Deep Discovery Inspector can only inspect traffic.
Use the following screens to configure TLS traffic inspection.
-
To configure general TLS traffic inspection settings, go to Inspection
Settings screen.
-
To configure certificates for TLS traffic inspection, go to the
Certificate Management screen.
 |
Note
You must configure a Trusted CA Certificate and Signing Certificate for TLS
traffic inspection.
|
-
To configure the decryption policy for TLS traffic inspection, go to the
Decryption Policy screen.
|
Note
When TLS traffic inspection is enabled, scanned traffic in Deep Discovery Inspector refers to traffic
that flowed through the inline ports and was decrypted by Deep Discovery Inspector
|
