Factsheet TLS interception

  • Type: Factsheet
  • Last change: 20-04-2018
  • First publication: 20-04-2018
  • Version: 1.0
  • Status: Active

TLS interception makes encrypted connections within the network of an organisation accessible for inspection. The use of this technical measure should be carefully considered in the light of additional risks and should meet a number of important preconditions.

The reason for using TLS interception is that more and more internet services and connections use TLS encryption. This safeguards the integrity and confidentiality of data transmitted and received. At the same time, it makes it more difficult for organisations to inspect internet traffic centrally in their network for malicious elements and confidential organisational data that leaves the organisation via the internet.

The NCSC recommends organisations to conduct a review of compliance with legal requirements, covering at least the processing of personal data. In addition, it is necessary to make a thorough assessment of the usefulness and necessity of applying TLS interception in the context of other security measures. The TLS proxy must securely establish encrypted connections and be integrated within other security measures. Finally, it is important to properly secure the TLS proxy itself, because it is an attractive target.

A Dutch version of this factsheet is also available on the Dutch section of this website.


CSAN 2018

Nederland digitaal veilig