Tech Tips: DPI SSL - Need of the hour

shiprasahu93

Hello Everyone,

With everything being SSL encrypted like emails, web content, file transfers it is now more important to protect against attacks that can happen through these encrypted channels. SonicWall has an amazing security service engine but the data that needs to be fed to it has to be decrypted first.

Deep Packet Inspection of Secure Socket Layer (DPI-SSL) extends SonicWall’s Deep Packet Inspection technology to allow for the inspection of encrypted HTTPS traffic and other SSL based traffic. The SSL traffic is decrypted transparently, scanned for threats and then re-encrypted and sent along to its destination if no threats or vulnerabilities are found. DPI-SSL provides additional security, application control, and data leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic.

Here's a quick FAQ sheet on it:

https://www.sonicwall.com/support/knowledge-base/client-dpi-ssl-frequently-asked-questions-faq/170505782716496/

Also, it can be configured by following the steps given in the KB below:

https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-client-dpi-ssl/170505885674291/

This feature is not just a check box but needs some homework. We would need to perform the DPI SSL certificate deployment before we can turn it ON. The following KB lists all the different methods that can be used for the same.

https://www.sonicwall.com/support/knowledge-base/various-methods-to-distribute-sonicwall-dpi-ssl-certificate/200605074812563/

To learn more about this feature, you can check out:

https://www.sonicwall.com/support/knowledge-base/where-can-i-learn-more-about-dpi-ssl/170503997881184/

Also, enabling DPI SSL license is now easy on mysonicwall. It is made available for free on all Gen 6 and 6.5 appliances. Please click on the product of choice and enable the DPI SSL license as below.

I hope you find this useful!

Thank you and stay safe!!

Nevyaditha

Great Work @shiprasahu93 !!

Halon5

Hi @shiprasahu93 ,

While DPI-SSL is a great way to augment security through payload scanning, I find separation and the accounting of that far more important. The reporting and accounting of users and devices needs to be very clear when it comes to traffic. Without that, the scanning just adds confusion. Especially since it is somewhat limited.

My 2 cents.

Larry

@shiprasahu93 - while this is all very valid information, I'm old school and like hard copy print outs so that I can make notes and add specifics.

If you've ever tried to do a Print Preview of one of these KB articles, you'd see that it results in gibberish.

I have to copy the text, paste into Word and massage quite a bit to get a decent document.

My request for enhancement: a Print button that provides a decent PDF version of the KB article.

That's a huge effort for the developers and doc team, but I think others would really appreciate it. (Probably more so if SonicWall would drop the exploding light bulb on every darn page.)

Thanks for the consideration.

Larry

Micah

@Larry thanks for the feedback. This feature is actually on the roadmap. We hope to have something soon. Thanks for your continued engagement!

shiprasahu93

Thanks for confirming @Micah. I was about to check with you. Glad to hear that it is on the roadmap already!

xdmfanboy

Ditto Larry's comments! The KB has been hard to use for years, not being able to print or save articles without extensive massaging.