6.10. SSL/TLS Metering
New in R 3.0
Three new counter groups give you great visibility into the SSL encrypted traffic in your network.
- TLS Orgs – Traffic by servers from subject part of the certificate
- TLS Ciphers – Traffic by encryption and key exchange algorithm
- TLS CAs – Traffic by certificate authority
Trisul handles SSL/TLS session resume.
6.10.1 TLS Orgs
Meter traffic by the entity in the Subject Common Name in the X.509 Certificate. This counter group tells you how much of your SSL traffic is Google, Twitter, Dropbox, etc. Visibiliy you cannot have otherwise.
You can also generate long term usage reports with several charts like the pie chart shown below using Retro Tools.
6.10.2 TLS Ciphers
Meters traffic by the “cipher suite” used by SSL/TLS connections. The cipher suite is a combination of the encryption and the key-exchange algorithm used.