Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Concurrent ssl connections

DarshilDarshil Newbie ✭
edited March 2021 in Mid Range Firewalls

Hi Team,

Is there any way we can find and export the concurrent ssl connections on port 443 on firewall?

Also how can we find out the current IPS throughput on firewall?

Category: Mid Range Firewalls
Reply

Answers

  • Hello @Darshil,

    You can see the current active users and SSLVPN sessions from the GUI, as below:

    Unfortunately, there is no way to export the data from this page. If you have CLI access, you can use the command "show user status" and get the result.

    Also, Full DPI/Gateway AV/Anti-Spyware/IPS throughput is measured using industry-standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing is done with multiple flows through multiple port pairs. Threat Prevention throughput is measured with Gateway AV, Anti-Spyware, IPS, and Application Control enabled.

    I am not sure if this can be tested in-house.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @Darshil

    if I get you right you're looking for the established HTTPS connections, which be either shown by Investigate -> Logs -> Connection Logs and search for 443. The DPI-SSL on Manage -> Security Configuration -> Decryption Services -> DPI-SSL/TLS Clients shows you some additional values about the inspected SSL sessions.

    AFAIK there is no specific IPS throughput performance value, because it's all mangled in once.

    --Michael@BWC

  • DarshilDarshil Newbie ✭

    @shiprasahu93 we are asking about the SSL connection generated on port 443. Is there any way we can measure this count in real-time.

  • @Darshil,

    My bad, I misunderstood. HTTPS connections going through the firewall can be either seen under the connection logs or on the DPI SSL section as mentioned by @BWC.

    It depends on whether DPI SSL is in use or not. Destination port 443 can be used to filter the connection logs and you should be able to export that data too.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    Hi @Darshil,

    If you configure the DPI SSL, you can get the SSL connections (Current/Peak & Maximum).


Sign In or Register to comment.