Sunday, March 27, 2011

What's the difference between SSL Bridging and SSL Tunneling?

Many firewalls on the market support the concept of SSL Bridging and SSL Tunneling. Microsoft firewalls that support this functionality include:
- Internet Security and Acceleration (ISA)
- Forefront Threat Management Gateway (TMG)

What is the difference between SSL Bridging and SSL Tunneling?

SSL Bridging means the firewall terminates the SSL session itself: it decrypts the traffic, inspects the plaintext HTTP request and response (URLs, headers, HTML and downloads) and filters it for malware and for whatever content policies apply. The traffic is then re-encrypted and passed on to the end client. For outbound traffic the firewall does not hold the real web site's private key, so it presents the client a certificate it has issued on the fly for that site, usually chained to an Internal Certificate Authority that the clients have been configured to trust.

SSL Tunneling means the firewall relays the encrypted traffic unmodified; the end client receives the session still encrypted under the web site's own certificate, end to end. Because the firewall never sees the plaintext, it can only filter on what is visible outside the encryption (the destination host and port of the client's CONNECT request), not on the content. No content filtering can be applied when a firewall is configured for SSL Tunneling.

Some companies may deliberately choose not to configure SSL Bridging, or to exempt particular destinations (such as banking sites) from it so that those sessions stay end to end. When dealing with sensitive traffic such as online banking, I for one would be very concerned if I saw the SSL traffic coming to me with a certificate from an Internal Certificate Authority!
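The issuer of the certificate the client actually receives is what gives the two modes away: under tunneling it is the site's public CA, under bridging it is the firewall's internal CA. The following Python script is an added example, not code from the original post or from ISA/TMG, that classifies a certificate in the dict format returned by the standard library's `ssl.SSLSocket.getpeercert()`. The host names, the "Contoso Internal Root CA" and the two sample certificate dicts are constructed for illustration; the live-check helper `fetch_peer_cert` is mine as well.

```python
"""Detect SSL Bridging from the client side.

Under SSL Tunneling the client receives the web site's own certificate,
issued by a public CA.  Under SSL Bridging the firewall terminates the
session and hands the client a lookalike certificate issued by the
company's Internal Certificate Authority.  Comparing the issuer of the
certificate the client actually receives against the known internal CA
names tells the two apart.
"""
import socket
import ssl


def rdn_to_dict(name):
    """Flatten a distinguished name as returned by getpeercert()
    (a tuple of RDNs, each RDN a tuple of (attribute, value) pairs)
    into a plain dict keyed by attribute name."""
    out = {}
    for rdn in name:
        for attribute, value in rdn:
            out[attribute] = value
    return out


def classify_peer_cert(peercert, internal_ca_names):
    """Return a dict with 'mode' ('bridged' or 'tunneled') plus the
    subject and issuer common names, given a getpeercert()-style dict.

    A certificate is treated as bridged when its issuer's commonName
    or organizationName matches one of the internal CA names."""
    subject = rdn_to_dict(peercert.get("subject", ()))
    issuer = rdn_to_dict(peercert.get("issuer", ()))
    issuer_names = {issuer.get("commonName"), issuer.get("organizationName")}
    issuer_names.discard(None)
    bridged = bool(issuer_names & set(internal_ca_names))
    return {
        "mode": "bridged" if bridged else "tunneled",
        "subject_cn": subject.get("commonName"),
        "issuer_cn": issuer.get("commonName"),
    }


def fetch_peer_cert(host, port=443, timeout=5.0):
    """Live check: open a TLS connection and return the peer certificate
    dict.  On a domain-joined client the internal CA is normally in the
    trust store, so a bridged connection verifies fine; what gives it
    away is the issuer, not a handshake failure."""
    context = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


# Constructed sample data (not captured from a real site).  The names
# below, including www.examplebank.com and the Contoso CA, are hypothetical.
TUNNELED_CERT = {
    "subject": ((("commonName", "www.examplebank.com"),),),
    "issuer": (
        (("countryName", "US"),),
        (("organizationName", "Example Public CA Inc"),),
        (("commonName", "Example Public CA Server CA"),),
    ),
    "notAfter": "Mar 27 23:59:59 2012 GMT",
}

BRIDGED_CERT = {
    "subject": ((("commonName", "www.examplebank.com"),),),
    "issuer": (
        (("domainComponent", "com"),),
        (("domainComponent", "contoso"),),
        (("commonName", "Contoso Internal Root CA"),),
    ),
    "notAfter": "Mar 27 23:59:59 2012 GMT",
}

INTERNAL_CA_NAMES = {"Contoso Internal Root CA"}


if __name__ == "__main__":
    for label, cert in (("tunneled sample", TUNNELED_CERT),
                        ("bridged sample", BRIDGED_CERT)):
        result = classify_peer_cert(cert, INTERNAL_CA_NAMES)
        print(f"{label}: {result['mode']} "
              f"(subject={result['subject_cn']}, issuer={result['issuer_cn']})")
    # To check a real site from inside the network, uncomment:
    # print(classify_peer_cert(fetch_peer_cert("www.examplebank.com"), INTERNAL_CA_NAMES))
```

Run it as-is to see the two constructed samples classified; from a workstation behind the firewall, pass the result of `fetch_peer_cert()` for a site you care about to `classify_peer_cert()` and, if the issuer comes back as your internal CA, that site is being bridged rather than tunneled.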

2 comments:

  1. Hi Clint, I think I'm going to be a regular reader, I get all my interesting info from your posts, so thanks!

  2. Nice info. How do I disable SSL bridging on TMG, then? Appreciate your help on this.
