What is SSL Inspection?

SSL inspection is the process of intercepting and reviewing SSL-encrypted internet communication between the client and the server. The inspection of SSL traffic has become critically important as the vast majority of internet traffic is SSL encrypted, including malicious content. Read more .

How Zscaler Protect's SSL Traffic

When you enable SSL inspection, the Zscaler service establishes a separate SSL tunnel with the user’s browser and with the destination server. Zscaler SSL inspection steps are outlined below A user opens a browser and sends an HTTPS request. The Zscaler service intercepts the HTTPS request. Through a separate SSL tunnel, the service sends its own HTTPS request to the destination server and conducts SSL negotiations. The destination server sends the Zscaler service its certificate with its public key. The Zscaler service and destination server complete the SSL handshake. The application data and subsequent messages are sent through the SSL tunnel. The Zscaler service conducts SSL negotiations with the user’s browser. It sends the browser the Zscaler intermediate certificate or your organization’s custom intermediate root as well as a server certificate signed by the Zscaler intermediate CA. The browser validates the certificate chain in the browser's certificate store. The Zscaler service and the browser complete the SSL handshake. The application data and subsequent messages are sent through the SSL tunnel. Zscaler does full inbound and outbound content analysis, and provides unlimited capacity to inspect all your traffic, including SSL. Every user, no matter where they connect from — on or off-network — gets the same protection. Read more.

Products > SSL Inspection

Encryption, Privacy, and Data Protection: A Balancing Act

詳細を見る Read Latest Research

Zscaler SSL inspection

The Zscaler Cloud Security platform enables complete SSL inspection at scale, without latency and capacity limitations. By pairing SSL inspection with Zscaler’s complete security stack as a cloud service, you get improved protection without the inspection limitation of appliances.

Unlimited capacity

Inspect ALL your user’s SSL traffic, on or off network, without performance concerns. Our service will elastically scale based upon your traffic demands.

Leaner administration

The certificates are uploaded once to the Zscaler Cloud and are then available in all 150 data centers worldwide. Certificates no longer need to be managed individually across all gateways.

Granular policy control

Ensure compliance by excluding encrypted user traffic for website categories such as healthcare or banking.

Safe and secure

Latest AES / GCM and DHE codes for PFS are supported. User data is never stored in the cloud.

Simplify cert management

Use our certs or bring your own. Use our API to easily rotate your certificates as often as you want.

Zscaler does full inbound and outbound content analysis, and provides unlimited capacity to inspect ALL your traffic, including SSL.

Embrace the ultimate security stack as a service

Offered as a service from the pioneer in cloud security, Zscaler provides a full security stack with all the in-depth protection you’ll ever need. Zscaler does full inbound and outbound content analysis, and provides unlimited capacity to inspect ALL your traffic, including SSL. Every user, no matter where they connect from — on or off network — gets the same protection.

Learn About Zscaler Internet Access

Add Zscaler Advanced Threat Protection for zero-day and ransomware protection

With our inline Cloud Sandbox, you can provide full sandbox protection, no matter where your users go, or how they connect to the internet. Get always-on zero-day protection and ransomware protection, and in-depth visibility into the behavior of malware targeting your users. And you can also hold onto file delivery until confirmed sandbox clean.

With Zscaler ATP get always-on zero-day protection and ransomware protection, and in-depth visibility into the behavior of malware targeting your users

Malware severity
Finds and stops evasion attempts
Shows callback behavior
Tracks infiltration behavior
Details of files dropped
Playback recording of infection

Learn About Zscaler Advanced Threat Protection

Harness the power of a globally distributed security cloud

Explore Trending Internet Threats

Enjoy a faster, more secure user experience from the market leader in cloud security

With 150 data centers globally, all mobile users using Zscaler Client Connector (formerly Z App) get a fast, local connection no matter where they connect.

The Zscaler Cloud Security Platform elastically scales to your users’ traffic demands, even hard-to-inspect SSL.

Zscaler processes more than 160 billion transactions at peak periods and performs 175,000 unique security updates each day. Any threat detected in our cloud is blocked for every other cloud user within seconds.

Getting started is simple

With Zscaler, there is no hardware deploy or manage. By making Zscaler your next hop to the internet you’ll immediately enjoy increased security and compliance. Turn on the services you need now, and easily add more as your demands grow or as you phase out appliances.

Close security gaps by adding Zscaler Advanced Threat Protection with SSL visibility.

Simplify security and reduce costs by phasing out appliances and adding more Zscaler services.

Transform your network security and improve performance with direct internet connections.

Encryption, Privacy, and Data Protection: A Balancing Act