10-18-2016 11:09 AM - edited 10-18-2016 11:10 AM
Does anyone know if there is a good way to decrypt incoming traffic in order to send it to an IDS system and then encrypt the traffic again and send it to its destination server?
10-27-2016 10:04 AM
There are multiple ways of achieving it:
1) You can sandwich the IDS between two vTM instances, one doing the decryption and the other doing the re-encryption.
2) You can use one vTM to take the traffic, decrypt it and forward it to the IDS. Ensure the IDS returns the traffic back to another virtual service on the vTM and make it re-encrypt from that point on. Make sure that the second VS on the vTM is not using a publicly reachable IP for security reasons.
3) If the IDS can programmatically process the traffic and return it, the embedded Java functionality within TrafficScript of the vTM can do the traffic forwarding to the IDS.