Firewall Wizards mailing list archives
RE: Using SSL accelerators in firewalls
From: "Dawes, Rogan (ZA - Johannesburg)" <rdawes () deloitte co za>
Date: Wed, 17 Jul 2002 16:41:46 +0200
It's a lot easier to access the data on the network than it is in process memory, and has a much smaller effect on the responsiveness of the application. i.e. it is a lot less likely that it will be detected. Rogan
-----Original Message----- From: miha () nil si [mailto:miha () nil si] Sent: 17 July 2002 04:10 To: Darren Reed Cc: firewall-wizards () honor icsalabs com; firewall-wizards-admin () honor icsalabs com Subject: Re: [fw-wiz] Using SSL accelerators in firewalls Let me ask this question another way :-) If the bank has a SSL accelerator to <quote> screen traffic and then pass your data through some number of other things, unencrypted <end quote>, how is that different from decrypting it on the web server and then doing the same thing (assuming you have a two tier design). Bad design is not device dependant, it can be achieved using a large variety of tools. --- Miha Vitorovic Inženir v tehničnem področju Customer Support Engineer NIL Data Communications, Einspielerjeva 6, 1000 Ljubljana, Slovenia Phone +386 1 4746 500 Fax +386 1 4746 501 http://www.NIL.si In some email I received from Darren Reed, sie wrote:There would seem to be a growing trend in using SSL accelerators not next to the web server but attached to a firewall so that it isn't https traffic that passes through but http.Let me ask this question another way. If your bank was using one of these SSL accelerators and it was not directly attached to the web server, but the "far side" of something else so they could screen traffic and then pass your data through some number of other things, unencrypted, would you use that bank's Internet Banking service which used SSL encryption ? _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Using SSL accelerators in firewalls, (continued)
- Re: Using SSL accelerators in firewalls Carson Gaspar (Jul 22)
- Re: Using SSL accelerators in firewalls Ryan McBride (Jul 17)
- Re: Using SSL accelerators in firewalls Scott Walker Register (Jul 17)
- Re: Using SSL accelerators in firewalls Paul Robertson (Jul 17)
- RE: Using SSL accelerators in firewalls Ian Peters (Jul 17)
- Re: Using SSL accelerators in firewalls Fabio Pietrosanti (naif) (Jul 17)
- Re: Using SSL accelerators in firewalls Ryan Russell (Jul 17)
- Re: Using SSL accelerators in firewalls miha (Jul 17)
- RE: Using SSL accelerators in firewalls Dawes, Rogan (ZA - Johannesburg) (Jul 17)
- RE: Using SSL accelerators in firewalls Dawes, Rogan (ZA - Johannesburg) (Jul 17)
- RE: Using SSL accelerators in firewalls Dawes, Rogan (ZA - Johannesburg) (Jul 17)
- Re: Using SSL accelerators in firewalls Dana Nowell (Jul 17)