A relatively large percentage of inbound traffic on the networks of many cloud-based software providers is encrypted. These software providers need to inspect the data on their networks to protect against malware and other unauthorized network access. Except in certain circumstances such as the use of homomorphic encryption or arithmetic changes to the cleartext, encrypted network traffic must be decrypted prior to inspection. As a result, inspecting encrypted network traffic demands additional time and system resources from cloud-based software providers. Conventional techniques for inspecting encrypted network traffic, such as man-in-the-middle monitoring systems, function by decrypting, inspecting, and then re-encrypting all traffic between network nodes. These techniques render network data visible during the inspection process, introduce increased packet loss and higher latency due to increased routing complexity, and are difficult to reconfigure once established. Other conventional techniques decrypt all network traffic at a node of the network, which creates an increased demand on system resources at that node and may reveal network activity that customers, partner services, or internal systems desire to keep private.