A middlebox device is a computer networking device that may be configured to intercept and decrypt network traffic, and then inspect and/or modify the network traffic. Middlebox devices are widely deployed in enterprise networks to improve network security and performance.
One potential problem with allowing a middlebox device to decrypt network traffic is the potential exposure of sensitive data that is included in the network traffic. This sensitive data that may be included in network traffic may be data related to criminal records, health records, tax records, financial records, educational records, government numbers (e.g., a social security number or a driver's license number), or user passwords. Further, it is common for certain individuals, such as network administrators, to be tasked with administering a middlebox device and to consequently have access to the network data that is decrypted on the middlebox device.
Therefore, although a middlebox device may generally improve network security and performance in an enterprise network, some enterprises are uncomfortable with the use of a middlebox device because of the potential exposure of sensitive data that is included in network traffic.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one example technology area where some embodiments described herein may be practiced.