Enabling Ssl Decryption In Ips Settings Node - McAfee M-1250 - Network Security Platform Configuration Manual

McAfee® Network Security Platform 5.1

Enabling SSL decryption in IPS Settings node

The
includes enabling SSL decryption, enabling packet logging for SSL-encrypted attacks,
setting the number of SSL flows to monitor simultaneously, and setting the session cache
time.
Caution:
be rebooted. Also, if the
To enable and configure the SSL decryption at the IPS Settings, do the following:
1
2
3
4
5
Enable
action enables the SSL functionality of the IPS Sensor. SSL configuration
In order to enable/disable SSL functionality on a Sensor, the Sensor must
SSL Flow Count
IPS Settings > SSL Decryption > Enable
Click
Sensor Name
Select the from the drop-down. The drop-down lists the IPS Sensors
IPS Settings
added under node.
Yes SSL Enabled
Click in , to enable SSL decryption on the selected Sensor.
Yes
Click to enable packet logging for SSL-encrypted attacks.
Note: When you enable SSL decryption, a packet log for an SSL encrypted
attack is displayed, that is, the data related to the attack is decrypted and
displayed. This means, you will be able to see confidential information.
SSL Flow Count
Type an value. This value represents the number of SSL flows that can
be processed at a given time by a Sensor. The value range is Sensor specific.
Sensor model
I-4010
I-4000
I-3000
I-2700
Note: SSL decryption is not supported on I-1200, I-1400, M-series Sensors.
The number of supported SSL flows on a Sensor directly impacts the number of
TCP flows that can be processed simultaneously.
is changed, a Sensor reboot is required.
.
SSL Flow count maximum
100,000
100,000
50,000
25,000
105
Managing IPS settings