To ensure Ion is able to control the browser environment and application settings needed to make the target line of business application function properly, Ion functions as a localhost web application proxy. Much like any proxy, traffic is terminated by Ion and then a new request is created to the destination site. This process is often known by the maliciously named ‘Man In the Middle’ (MITM) attack. Ion differs from a traditional, insecure MITM attack in several ways:
- Unlike a malicious MITM attack, Ion is run on the localhost and not located in the network.
- During the Ion installation process, a new and randomly generated localhost certificate is created. This is unlike the process used in MITM software such as Superfish and others. The process used by Ion eliminates the ability to re-use Ion generated certificates on machines other than the one on which is was created.
- Ion only intercepts traffic as designated and defined by system administrators, not all traffic. This is unlike a malicious MITM attack where all traffic is handled via the MITM process.
- Ion is intentionally installed on the user system by the organization and settings are defined/controlled by the organization so the Ion processes are known and defined unlike a malicious MITM attack where the users and administrators are unaware of the process.
Posted in: Ion General FAQs,