Obviously ExtraHop does a great job of providing visibility into HTTPS data which is secured through SSL. I am curious to hear what support ExtraHop has for other protocols using certificate-based TLS such as SQL, SMTP, FTP, LDAP, etc. Thanks!
The ExtraHop system can decrypt end-to-end SSL connections for all supported L7 protocols, as long as the private key for the communication is uploaded via the Admin UI. At the moment this capability only supports end-to-end SSL channels and not SSL channels initiated with the STARTTLS command. As a result, connections that make use of STARTTLS (e.g. some SMTPS and LDAPS deployments) will not get decrypted.