惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

D
Docker
爱范儿
爱范儿
人人都是产品经理
人人都是产品经理
博客园 - 司徒正美
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
量子位
罗磊的独立博客
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
小众软件
小众软件
C
Cybersecurity and Infrastructure Security Agency CISA
Cyberwarzone
Cyberwarzone
大猫的无限游戏
大猫的无限游戏
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
雷峰网
雷峰网
Simon Willison's Weblog
Simon Willison's Weblog
The Cloudflare Blog
博客园 - 三生石上(FineUI控件)
D
Darknet – Hacking Tools, Hacker News & Cyber Security
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园_首页
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
T
The Exploit Database - CXSecurity.com
T
Tailwind CSS Blog
IT之家
IT之家
博客园 - 聂微东
Spread Privacy
Spread Privacy
V2EX - 技术
V2EX - 技术
S
Security Affairs
宝玉的分享
宝玉的分享
V
V2EX
C
Cisco Blogs
博客园 - Franky
美团技术团队
酷 壳 – CoolShell
酷 壳 – CoolShell
月光博客
月光博客
S
Securelist
J
Java Code Geeks
Webroot Blog
Webroot Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
P
Proofpoint News Feed
Last Week in AI
Last Week in AI
L
LINUX DO - 热门话题
NISL@THU
NISL@THU
WordPress大学
WordPress大学
W
WeLiveSecurity
T
Threatpost
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
腾讯CDC
阮一峰的网络日志
阮一峰的网络日志

SECURITY.COM

Humble Brag: Symantec® Data Center Security Achieves Common Criteria Certification Tips to Harden Your Air Gapped Environments Your DLP Incident Backlog Owes You Closure 5 Reasons Symantec® CBX Delivers Total Endpoint Visibility 8 XDR Questions From the Show Floor Locking Down the Server Data Security Is Having A Moment 5 Ways XDR Helps SOCs Act Faster 5 Ways To Keep AI in Check DLP Made Easier on the Teams Running It Web Traffic Visibility is the New Non-Negotiable The Agentic AI Tsunami is Here: Is Your Legacy IAM Sinking or Swimming? For Financial Services, a Wake-Up Call for Reclaiming IAM Control How Cloud-Managed DLP Lowers the Barrier to Entry As Identity Takes Control, Telecom Needs Repatriated IAM Capable of Keeping Up Post-Quantum Security Starts at the Edge The Public Sector Case for Repatriating IAM in the Age of AI The Data Sovereignty Paradox The Unseen Wall: How Billions of Attacks Were Blocked in 2025 The “Zero-Blindness” Roadmap: Achieving Maturity in the DLP Endpoint Workspace IAM Has a Fix for the Modern Identity Crisis Identity is the Control Plane, and AI Just Changed the Game
The Visibility Challenge Nobody Asked For
About the Author · 2026-07-03 · via SECURITY.COM

Encryption is the bedrock of digital trust. It protects our financial transactions, secures our private conversations, and ensures data integrity across the web. 

For security professionals, encryption creates a different challenge. The very technology designed to protect users and data is commonly leveraged by adversaries to hide their most damaging activities.

A growing number of attacks are malware-free, highlighting attackers’ use of valid credentials, trusted services, and authorized pathways to evade traditional security controls. With more than 95% of web traffic now encrypted, security teams need visibility into the channels where modern, AI-driven threats operate—because you can’t stop what you can’t see.

Why old tradeoffs no longer work

SSL/TLS inspection is not a new concept. Security veterans remember the early days of "man-in-the-middle" proxies that often caused more headaches than they solved—slowing down network speeds and breaking applications. Historically, many organizations chose to bypass inspection simply to keep the business running, accepting the risk to avoid the "performance tax” that came with inspecting encrypted traffic.

A tradeoff that is becoming increasingly difficult to justify. When encrypted traffic represents the overwhelming majority of network activity, bypassing inspection means creating visibility gaps that span entire environments.

Given the performance and cost hit that full traffic decryption and inspection can bring, many security vendors offer low-cost solutions that simply bypass encrypted traffic. This leaves a blind spot that many simply overlook, or don’t even know about.

At Symantec, we have spent decades refining transparent proxying and encrypted traffic inspection. Our Edge SWG and SSL Visibility (SSLV) appliance solutions were built to handle decryption without the performance degradation that’s historically limited adoption.

Inspecting traffic in a TLS 1.3 world 

As TLS 1.3 has become the standard, the complexity of inspection has shifted. The protocol's improved privacy features make passive sniffing impossible, requiring active, high-performance proxying to maintain visibility. 

This is where Symantec’s legacy becomes a critical advantage. We didn't build our decryption engine as an afterthought. We built it as a dedicated, high-speed security architecture.

Our approach ensures decrypted traffic can be shared across the broader security stack. By decrypting once and feeding clear-text data to your Secure Web Gateway (SWG), Data Loss Prevention (DLP), IDS/IPS, firewalls, network traffic analysis, security analytics, and sandboxes, organizations can eliminate the need for redundant decryption cycles that create latency and complexity.

Scaling encrypted traffic inspection with Symantec SSP S620

Encrypted traffic volumes continue to grow, and organizations need inspection technologies that can keep pace. The Symantec SSP S620 appliance provides just that, thanks to its recently added support for SSL Visibility. 

This latest enhancement extends the scale and performance of the SSL Visibility Appliance, helping organizations maintain visibility without sacrificing throughput.  

The S620 appliance delivers up to 1.75x greater aggregated performance than previous models in a significantly smaller 1RU footprint. By offloading the resource-intensive task of decryption, organizations extend the value of their existing security stack while improving visibility into encrypted traffic.

For security teams, this means more capacity to inspect encrypted traffic without sacrificing performance or adding unnecessary infrastructure—greater inspection capacity, without the complexity.

Balancing inspection and compliance

Visibility must coexist with compliance. With regulations like GDPR and HIPAA, a "decrypt everything" policy is not only risky—it could be a violation of privacy standards.

Recent analyst insights show that 69% of professionals still face significant challenges around tool visibility and cloud configuration gaps.

Symantec’s policy engine allows for granular, category-based decryption. Organizations can automatically inspect higher-risk categories such as "Uncategorized" or "File Sharing" sites while simultaneously bypassing categories like "Financial Services" or "Healthcare" to support compliance requirements. 

Keeping pace with encrypted traffic

Encryption without inspection is an invitation to the adversary. 

In 2026, the question is no longer whether you should inspect SSL/TLS traffic, but how. And just as important: How can you inspect that traffic at scale without compromising privacy or performance?

Symantec has spent decades solving this exact challenge. Continuous enhancements on the SSP S620 extend the scale and performance of the SSL Visibility Appliance to meet the demands of today’s modern threat landscape.

With these new enhancements to the Symantec SSP S620, we’re offering the ability to see clearly in a world that is increasingly dark. It’s time to reclaim control of your network security with a clear view.

Explore the updated SSL Visibility Appliance product brief to learn how the latest SSP S620 enhancements deliver greater scale and performance. Or better yet? Connect with your in-region expert to speak with a human.

Q&A: The need to inspect encrypted SSL/TLS traffic

Why is it important to be able to inspect encrypted traffic?

Inspecting encrypted SSL/TLS traffic is critical because most internet traffic is now encrypted, and attackers know that encryption can hide their activities just as effectively as it protects legitimate users. Without the ability to inspect encrypted traffic, security teams are essentially blind to a large portion of network activity. This impedes their ability to detect the presence of malware and ransomware, prevent data exfiltration, block phishing attempts, address AI-driven attacks, and more.

Why is granular control over decryption policies beneficial to security teams?

Granular decryption policies let security teams selectively decrypt and inspect high-risk traffic while exempting sensitive or trusted communications. This improves threat detection, reduces privacy concerns, and helps maintain compliance, while minimizing performance and operational impacts. Features like category–based decryption simplifies the task of imposing strict inspection policies on higher-risk categories even as other categories can be bypassed to comply with data handling regulations.

How does support for SSL Visibility enhance decrypted traffic inspection?

SSL Visibility centralizes decryption and re-encryption. This reduces processing demands on security tools, increases throughput, lowers latency, supports consistent policy enforcement, and enables organizations to inspect growing volumes of encrypted traffic efficiently. With its support for SSL Visibility, the Symantec SSP S620 makes it possible to offload the resource-intensive task of decryption, sending decrypted traffic to all your security tools – enabling extensive visibility without sacrificing throughput. “Decrypt once - feed many.”