Skip to main content

Selective Decryption with NETSCOUT Arbor Edge Defense (AED) 8100

Decryption can be enabled or disabled for specific protection groups and at specific protection levels, to allow available decryption capacity to be focused on the traffic where decryption is needed.

Download PDF

Arbor Edge Defense® (AED) 8100 sits on your network edge and intelligently determines what traffic to decrypt and what not to. As the traffic enters, AED employs JA3 Hashing to identify valid client traffic and pass it on without requiring decryption. The remaining non validated client traffic is decrypted and run through DDoS countermeasure evaluation to identify and mitigate any malicious traffic. AED also allows users to enable decryption for a protected service and/or protection level. This allows focusing decryption on traffic that only requires it while also avoiding the unnecessary work of decrypting traffic for services that are not under attack. These features increase decryption efficiency.

AED can effectively protect your network at scale, from attacks within encrypted traffic.