SRX

last person joined: 18 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  SSL termination and inspection option in Juniper

    Posted 08-01-2015 11:39

    Hello forum,

     

    Please advise me If this post is off-topic and should come under a new section.

     

    I'm looking help for juniper technology to help me following scenario

     

    ...."we are planning to migirate the reverse proxy running on *nix with mod_sec which is doing ssl offloading , inspection and re-encryption all in one box. I want to know using juniper technology i have heard srx can do ssl inspection, but I'm hoping there are ssl terminators /load balancer which can do the same.

     

    The main concern is for inbound ssl inspection not outbound. I appreciate if both technologies e.g load-balancer and integerated modules (srx offloading inline inspection) be discussed.

     

    Also, please comment on how the use of certificate types be used for ssl decryption. Root cert vs server certificate.

     

    regards,

    asad



  • 2.  RE: SSL termination and inspection option in Juniper
    Best Answer

    Posted 08-02-2015 04:06

    The SRX offers a limited decryption options for the purpose of IDP inspection.

     

    http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/idp-ssl-overview.html

     

    This is not a reverse proxy.

    This is not a load balancer.

     

    If you are looking for reverse proxy and load balancers with hardware decryption these will be different products than a firewall.