SSL Orchestrator centralizes & manages decryption of SSL/TLS traffic. This enables security and monitoring tools to view the decrypted content and analyze it for threats and other anomalies. SSL Orchestrator removes the burden of decrypting content from your security tools so they perform better and are more scalable.
An integrated F5 and McAfee Web Gateway solution eliminates the blind spots introduced by SSL/TLS encrypted content.
This article assumes you have SSL Orchestrator configured with a Topology and Service Chain
F5 BIG-IP version 17.1
SSL Orchestrator version 11.0
McAfee Web Gateway version 11.2
McAfee Web Gateway will be configured as a Transparent Proxy
Test this connection now and it should look like the following:
In this example the MWG is configured with a Custom Category to block connections to http://10.4.11.99. When attempting to connect to this site with a web browser you should see a block page like the following:
This completes configuration of BIG-IP SSL Orchestrator with McAfee Web Gateway. At this point traffic that flows through SSL Orchestrator will be decrypted and sent to the MWG Service and inspected for malicious payloads or policy violations.