Symantec SSL Visibility Appliance Valuable Features

MT
Senior Network Security Engineer | Security Solutions Design Engineer at a government with 1,001-5,000 employees

One of the most valuable aspects of this solution is that it's easy to deploy without a lot of complications. Of course, one has to be very good at understanding the PKI as a whole. But in terms of implementation, we are utilizing Fail-to-Network, which means even if SSLV for some reason goes down, we don't get traffic interruption. 

In terms of SSLV's feature itself, it is very flexible in terms of whitelisting. For example, if I do not want to encrypt some things that are subject to compliance, it has easy categorization of the hostname that is out of the box. In one click I am able to dictate which hostname it should encrypt or not. It is easy to abide by the compliance policy. It is not just category-based, it is also very easy to whitelist or bypass the decryption based on IP addresses. For example, we have a finance minister who is in our network and we do not want to see all of his internet activity. It allows us to bypass it based on his IP address.

There are many ways we can bypass SSL decryption. Be it destination IP, the source IP, the URL, the hostname, et cetera. This is the easiest solution and I did a little bit of research before and I could not find another solution that does this. 

There is also a return on investment. They have very good hardware and it is already prepaid for SSL 1.3. They have a way to do that. Not all types of versions can be decrypted. But to some extent, they can do that also, SSL 1.3. That is something amazing and most of the other vendors cannot do that.

View full review »
MT
Senior Network Security Engineer | Security Solutions Design Engineer at a government with 1,001-5,000 employees

There are a lot of noticeable benefits including the ability to categorize and detect a lot of URLs, hostnames, and file types.

This solution is really easy to deploy as long as the implementer understands PKI as a whole.

The most valuable feature is the Fail-to-Network (FTN) option, which means that if for any reason the appliance goes down then there is no interruption in traffic.

It allows for easy categorization of data according to the hostname, out of the box. For example, we may not want to unencrypt certain things that are subject to compliance, such as an e-commerce site, government site, or a banking site. We can easily detect and classify these, acting accordingly once they have been classified. In a single click, I am able to specify which category of hostnames it should decrypt or not decrypt. This allows us to easily comply with enterprise policy.

It is easy to bypass decryption not just by category but also by using the IP address. For instance, we have a finance minister who sits in our network and we do not want to see their internal activity. This solution allows us to bypass that traffic based on IP, whether it is the source or destination. We can also bypass decryption based on the URL.

View full review »
CB
CTO at a tech services company with 1-10 employees

The ability to do SSL chaining is most valuable. It provides the ability to send decrypted traffic at close-to-line speed to products that can't decrypt. So, it can take the decrypted traffic and send it to your IPS or your other tools to be able to see what's inside of that traffic for DLP or malicious content detection. That's the whole beauty of it. It was probably the elephant in the room for the longest in terms of SSL decryption. It can get the high band, especially for places that had a lot of decryption to do, such as big finance companies, big telcos, etc.

It is a really good product. It has different features and things built into it. Feature-wise, they're the elephant in the room.

View full review »