Functionality

Topics:
Supported Features
Security Services

Supported Features

Deep Packet Inspection of Secure Socket Layer (DPI-SSL) extends SonicWALL’s Deep Packet Inspection technology to the inspection of encrypted HTTPS traffic and other SSL-based traffic. The SSL traffic is decrypted (intercepted) transparently, scanned for threats, and then re-encrypted and, if no threats or vulnerabilities are found, sent along to its destination.

DPI-SSL provides additional security, application control, and data-leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic. DPI-SSL supports:

Transport Layer Security (TLS) Handshake Protocol 1.2 and earlier versions – Starting with SonicOS 6.2.1.2, the TLS 1.2 communication protocol is supported during SSL inspection/decryption between the firewall and the server in DPI-SSL deployments (previously, TLS 1.2 was only supported between client and firewall). Transport Layer Security (TLS) 1.2 provides better security than TLS 1.0 or 1.1, or SSLv3 or earlier versions of SSL. The TLS protocol allows client/server applications to detect message tampering, interception, or forgery. SonicOS also supports TLS 1.2 in other areas as well.
SHA-256 – Starting with SonicOS 6.2.1.2, all re-signed server certificates are signed with the SHA-256 hash algorithm. SHA-256 is a Secure Hash Algorithm that generates a 256-bit (32-byte) cryptographic hash that acts as a signature for a file. SHA-256 provides stronger encryption than SHA-1.

DPI-SSL also supports application-level Bandwidth Management over SSL tunnels. App Rules HTTP bandwidth management policies also applies to content that is accessed over HTTPS when DPI-SSL is enabled for App Rules.

Security Services

The following security services and features can use DPI-SSL:

Gateway Anti-Virus
Gateway Anti-Spyware
Intrusion Prevention
Content Filtering
Application Firewall