Perfect Forward Secrecy: How to Maintain Visibility | ExtraHop


Perfect forward secrecy (PFS) is an elegant solution to an important encryption weakness, but it negatively impacts the analysis of packet data. It's likely to be mandated in the upcoming TLS v1.3 standard, so IT organizations need to have a plan in place for maintaining visibility into data center traffic.

In the short video below, I explain how PFS works and the benefit of ExtraHop's non-invasive method of decrypting and analyzing PFS-protected traffic.


This is a companion discussion topic for the original entry at