WAF scanning & SSL termination

Problem to solve

Traffic that is sent with HTTPS cannot be inspected except by the final recipient. This is good for the in-transit security of traffic, but it means that security controls cannot view the contents of messages before they reach the application.

Intended users

Further details

Proposal

Terminate SSL connections at the cluster ingress with the WAF. Inspect the packet contents against the configured WAF rules. Forward unencrypted traffic to the application and other security tools.

  • Follow-up question - can we automatically redirect every connection to HTTPS as traffic leaves the app?
  • Detail how to extend into UEBA

Permissions and Security

Documentation

Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Links / references

Nginx & SSL Termination

/label feature

Edited Oct 04, 2019 by Sam Kerr