Products / Web & Network Security / Encrypted Traffic Management Family / SSL Visibility Appliance

SSL Visibility Appliance

Gain visibility into the blind spot impacting your security tools while maintaining privacy compliance.

TLS 1.3 is here: Are your security tools ready? We are.

The Symantec SSL Visibility Appliance supports TLS 1.3 (RFC 8446) without a security downgrade.

Enable the secure inspection of TLS 1.3 encrypted traffic

Empower security tools to find threats hiding within TLS encryption

The official version of TLS 1.3 (RFC 8446) now includes industry-leading capabilities for enabling the secure inspection of encrypted threats. With the SSL Visibility Appliance, customers get the most extensive out-of-the box set of high-security cipher suites and advanced TLS support to enable security tools across all traffic ports and protocols.

  • Enables the inspection of all ports and protocols of traffic, including TLS 1.3 and SSL decryption and re-encryption
  • Includes 100 native Cipher Suites
  • Supports secure inspection for all previous TLS versions
  • Is quickly added to existing network infrastructure

Simple. Fast. Comprehensive.

The leading purpose-built solution for encrypted traffic management

Ours is the only proven, dedicated enterprise-class encrypted traffic management technology in the industry. This unique solution offers complete visibility and control of encrypted traffic without requiring the re-architecture of network infrastructure. Use this solution to add policy-based SSL and TLS inspection and management capabilities to your network security architecture and lift the security blindfold created by encrypted traffic.

  • Automatically see all SSL/TLS traffic in all ports and applications
  • Free yourself from complex scripting and configuration
  • Feed active and passive devices simultaneously

Enable secure SSL/TLS inspection and preserve data integrity

Secure SSL/TLS interception from the global leader in cybersecurity

SSL Visibility Appliance is a comprehensive, extensible solution that assures high-security encryption. While other vendors only support a handful of cipher standards, the SSL Visibility Appliance provides timely and complete standards support, with 100 Cipher Suites and key exchanges offered. Ours is the only solution that doesn’t downgrade cryptography levels or weaken your organization’s security posture, putting it at greater risk. Benefit from:

  • Industry-leading support for Cipher Suites (RSA, DHE, ECDHE, ChaCha, Camilla, etc.)
  • Support for TLS 1.1 – 1.3 (including RFC 8446) and handshake mechanisms
  • Mirroring of client preferences
  • No reduction in strength of security posture for user sessions

Improve the ROI of your entire security infrastructure

Removing an encryption blind spot can improve existing security tools by up to 50%

SSL Visibility cost effectively enhances your existing security infrastructure. Recognizing that multiple devices need access to SSL/TLS traffic in your infrastructure, this solution feeds active and passive devices simultaneously, perfectly complementing your existing security solutions (such as DLP, IPS, NGFW, and sandbox) without breaking your budget or hindering their performance.

  • Avoid the exponential hardware capacity upgrade costs often required by security solutions needing SSL inspection
  • Equip network forensics and incident response technologies to gain appropriate visibility into encrypted traffic - critical in breach-related events
  • Extend the reach of your tools by feeding them all types of traffic

Preserve privacy and compliance with selective SSL decryption

Gain insight and maintain compliance with HIPAA, PCI and other privacy regulations

Much more than an SSL decryption appliance, Symantec SSL Visibility Appliance provides a powerful, granular policy engine that expedites and simplifies the enforcement and management of security policies for SSL/TLS-encrypted traffic.

This allows policy enforcement based on simple, familiar categories such as Financial Services, Health, Malicious Sources/Malnets, Phishing and more. Enabled by the unprecedented insights of the Global Intelligence Network, the Host Categorization service within the SSL Visibility Appliance helps enterprises create granular policies that balance their data privacy and security requirements. Harness the advantages of:

  • Comprehensive policy enforcement
  • Centralized policy management
  • Compliant handling of sensitive data

Symantec Blogs

Symantec Enterprise Division Joins Broadcom

Creating one integrated Cyber Defense Platform

Posted: 18 Nov, 2019 | 2 Min Read

Read More

The Tea Cup Security Conundrum, or How to Prevent Targeted Attacks

Endpoint Security protects against hard-to-find threats at every stage of the attack chain, blocking hackers from...

Posted: 18 Nov, 2019 | 9 Min Read

Read More

Securing the OSs of Today and Tomorrow

Symantec Endpoint Security is the answer to protecting modern devices – in addition to traditional endpoints...

Posted: 22 Oct, 2019 | 8 Min Read

Read More

Endpoint Defense Starts with Prevention

It’s no longer enough to discover and expel attackers as the dangers posed by endpoints continue...

Posted: 15 Oct, 2019 | 3 Min Read

Read More

"An increasing share of enterprise network traffic is encrypted, creating gaps in defense-in-depth effectiveness that security leaders should not ignore."

Jeremy D'Hoinne, Adam Hils
Gartner Analysts

Discover Our Community

View the latest product discussions in our forums.

Need help?

Technical support and more.

Related Products

Management Center and Reporting

Management Center and Reporting

Network Forensics & Security Analytics

Network Forensics & Security Analytics

Advanced Threat Protection

Advanced Threat Protection

Data Loss Prevention

Data Loss Prevention

Data Sheets

Symantec SSL Visibility
Technology Brief on SSL/TLS Traffic
Network Protection Hardware Products Value of Maintenance

White Papers

Fraunhofer Report on Effective Encrypted Traffic Management (ETM)
Securosis Paper: Security and Privacy on the Encrypted Network
Cost-Effective, Flexible Visibility and Control Of SSL/TLS Network Traffic
5 Steps For Stronger Advanced Threat Protection
Certificate Pinning

Solution Briefs

Implementing Data Privacy Requirements for Encrypted Traffic
Seven Reasons To Deploy Blue Coat SSL Visibility With Application Delivery Controllers
TLS Vulnerabilities: SSLV 4.x Mitigation and Protection

Reports

SANS Institute Case Study on SSL Visibility Appliance
ESG Report: Network Encryption and Its Impact on Network Security

Other Resources

Blind Spot Cost Calculator
Infographic: Protection from the Endpoint to the Network
Encrypted Traffic Management Comparison Chart
E-Book: Encrypted Traffic Management for Dummies

Videos

Demo: See SSL Visibility in Action Today

Blogs

No Device Left Behind: How to Ensure Protection of BYODs
The Tea Cup Security Conundrum, or How to Prevent Targeted Attacks
Symantec Mobile Threat Defense: Mistakes App Developers Should Avoid – Blind Trust
Symantec Mobile Threat Defense: Mistakes App Developers Should Avoid – Blind Trust
Securing the OSs of Today and Tomorrow
Securing the OSs of Today and Tomorrow
Endpoint Defense Starts with Prevention
Symantec Mobile Threat Defense: A Snapshot of Mobile Security Incidents in Q3 2019
Symantec Mobile Threat Defense: A Snapshot of Mobile Security Incidents in Q3 2019
Symantec Mobile Threat Defense: Threat Hunting? Here’s Your Flak Jacket in the Minefield

Connect Forum Discussions

Installation wizard disappears
Produkty Symantec & konto Norton
Installing SEMS on Windows Server 2016 Hyper-V
Problem to encrypt PGP
SSLV is known for “Decrypting once and feeding many.” What are the practical limitation for what feeding many means? Can it feed many active devices or just have maximum 2 active tools and 1 passive tools at one SSLV?
When won’t the SSLV be able to decrypt? Does the client and SSLV have to be integrated into a corporate Certificate Authority as with forward proxy so the SSLV can resign the traffic?
Do you have any SSL Visibility performance statistics for CPU loading in comparison with other brand devices?
Responsibly Intercepting TLS and the Impact of TLS 1.3 (White Paper)
How SSL VA handles the VLAN tagged traffic?
SSL Appliance demo @ virtual appliance