SSL encryption is the cornerstone technology that makes the Internet secure. Email, e-commerce, voice-over-IP, online banking, remote health, and countless other services are kept secure with SSL. Unfortunately, most of that traffic goes uninspected because many security and performance monitoring tools lack the ability to see inside the encrypted sessions. Monitoring application performance
and network usage patterns becomes impossible if you cannot determine which applications are running over the network. Even worse, malware can create SSL sessions to hide its activity, confident that security tools will neither inspect nor block the traffic. The very technology that makes the Web secure can become a threat vector.
Decrypting SSL traffic requires knowledge of the keys used for encryption. The public keys are clearly visible at the start of the transaction, but access to the private keys is controlled by the administrator.