SCIP software enables an organisation to secure their network from attack by encrypted web traffic.  SCIP enables the automatic application of security policies to all encrypted inbound and outbound Internet traffic.  The data is decrypted, forwarded to the content scanner for inspection, then re-encrypted and sent to its destination.  All security policies that apply to standard http traffic also apply to SSL encrypted traffic.

All digital certificates are checked for validity (common name, expiration date, revocation status, valid issuer CA).  SCIP catches bogus, self-signed and revoked certificates - a common indicator of untrustworthy encrypted web traffic.

Unlike simple “SSL bridging” or a “reverse proxy” that cannot protect an internal network from encrypted attacks, SCIP is defending an organisation from the inside.  Trojans, Viruses, Spyware, Digital Contraband (such as copyrighted material and confidential files) and inappropriate content can be transported in and out of a network if SSL connections are not monitored and inspected.

Features of Microdasys SCIP include

• Decryption and encryption of all inbound and outbound SSL (”https”) traffic
• Security policy enforcement, even if the traffic is encrypted
• All certificates are inspected and allowed or denied at the gateway level based on security policies, not the discretion of the client user
• Automatic revocation checking with CRL and OCSP support
• Extensive exception handling and incident management capabilities
• Supports unlimited, multiple accounts with role-based, multi-admin administration