Question about SSL

Follow

Martins

• October 01, 2020 18:49

Hi Firewalla team, I know that Firewalla look at:

1. SSL certificates
2. SSH/SSL/HTTP/HTTPS protocol 

and a buch of other things...

I remember that some one said that Firewalla doesn't decrypt any SSL to inspect it... but would it be possible in the future release ?

I'm asking that because for example the Untangle have the SSL Inspector that will decrypt the SSL packages, do inspection process and re-encrypt it to send it back to it's destination !

That feature looks cool, and also would improve security right ?

I mean, "would improve security" I know some people would say that decrypting packages doesn't improve security, but on the other side, Firewalla hardware would know what's going on that encrypted traffic !

0

• 

  Firewalla

  • October 01, 2020 21:28

  Looking or not looking at SSL is a philosophical question.  We (the majority of us) do not like to mess around with end to end encryption, that stuff belongs to an enterprise, where there are InfoSec or IT people who understand and can manage the risks created by unwrapping secretes. 

  We do not feel the consumer (people who are buying our boxes) knows how to manage certificates, and also understand the risks of installing a cert (or profile) on their mobile devices.

  And lastly ... there is NO effective way to install certs on IoT devices, so even to unwrap, it will be limited to phones and PC (and pads).

   

   

  1

  Comment actions Permalink
• 

  Martins

  • October 01, 2020 21:32

  Got it ! Thanks Firewalla for the answer !

  0

  Comment actions Permalink

Please sign in to leave a comment.