Wheel Lynx SSL Inspector

Wheel Lynx SSL Inspector enables transparent SSL/TLS traffic decryption for further analysis by DLP/IDS/IPS systems.

The appliance works in transparent bridge mode intercepting selected network traffic. SSL sessions pass through Wheel Lynx SSL Inspector transparently so the client software thinks it connects directly to the target server as it uses the original address of the target host. The decrypted network traffic is forwarded to the dedicated DLP/IDS/IPS device for evaluation. Wheel Lynx SSL Inspector encrypts data again and sends it over to the target server. The DLP/IDS/IPS systems can order Wheel Lynx SSL Inspector to terminate the connection. Unencrypted traffic, which can also pass through Wheel Lynx SSL Inspector, is forwarded to the IDS/IPS without being modified.

Features

Main features

  • signed and self-signed certificates handling
  • Server Name Indication (SNI)
  • OCSP support
  • decrypt once feed many
  • selective whitelisting based on categories
  • network bypass
  • whitelisting source and target hosts
  • whitelist subscription service
  • supports connections initialized as encrypted (such as HTTPS) as well as protocols, which can begin encrypted transmission by executing the STARTTLS command (e.g. SMTP)
  • TLS SNI (Server Name Indication) extension support

Supported protocols

  • SSL 2.0
  • SSL 3.0
  • TLS 1.0
  • TLS 1.1
  • TLS 1.2

Business advantages

Integrating SSL inspector with DLP/IDS/IPS systems enables a thorough analysis of  network traffic. Decrypted traffic is analyzed for signs of security and data breaches. It is possible to detect viruses, unauthorized document copying as well as malware attacks.

  • L1 L3 L10 L25 LInfinity
    Throughput 1Gbps 3Gbps 10Gbps 25Gbps 50Gbps
    Concurrent sessions 25 50 250 500 1,000,000
    Full handshakes (RSA 1024 bit) 1,500/s 3,000/s 15,000/s 30,000/s 100,000/s
    Full handshakes (RSA 2048 bit) 750/s 1,500/s 5,000/s 10,000/s 50,000/s
    Size 1U 1U 2U 2U 3U
  • White list is a list of URLs and IP addresses excluded from decryption. The list is maintained by WHEEL Systems and it contains URLs and IP addresses of financial, medical and religious institutions. Wheel Lynx SSL Inspector automatically downloads the list and allows for adding user-defined records.

Contact form

Are you interested in our products? Contact us.