[fw-wiz] Using SSL accelerators in firewalls

From: Darren Reed (darrenr@reed.wattle.id.au)
Date: 07/17/02


From: Darren Reed <darrenr@reed.wattle.id.au>
To: firewall-wizards@honor.icsalabs.com
Date: Wed Jul 17 03:41:00 2002

There would seem to be a growing trend in using SSL accelerators not
next to the web server but attached to a firewall so that it isn't
https traffic that passes through but http.

To me this screams out "bad design" as the end-to-end encryption is
lost in the process and the security of transactions eroded.

What do others think? Is this becoming a "done thing" that is more
and more acceptable to corporates or is this just an isolated thing?

Darren



Relevant Pages

  • Re: [fw-wiz] Using SSL accelerators in firewalls
    ... > There would seem to be a growing trend in using SSL accelerators not ... > next to the web server but attached to a firewall so that it isn't ... trust necessary to go to the border of a company and the ammount of trust ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Using SSL accelerators in firewalls
    ... > There would seem to be a growing trend in using SSL accelerators not ... > next to the web server but attached to a firewall so that it isn't ... In this respect you have to think about what the SSL security ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Using SSL accelerators in firewalls
    ... > There would seem to be a growing trend in using SSL accelerators not ... > next to the web server but attached to a firewall so that it isn't ... If your bank was using one of these SSL accelerators and it was not ... Internet Banking service which used SSL encryption? ...
    (Firewall-Wizards)
  • Re: Firewall on server itself
    ... Perhaps the iptables could defend against an intruder who is already ... Firewall vender specific vulnerabilities ... >> be configured to protect the web server as well other computers on ... > The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
    (Security-Basics)
  • Re: [fw-wiz] Using SSL accelerators in firewalls
    ... It also depends on what you're using your SSL for, and how tightly you can couple ... your firewall with your web application. ... web server don't have to be very aware of each other. ... >> lost in the process and the security of transactions eroded. ...
    (Firewall-Wizards)