What are the filtering capabilities? Someone needs to finish flushing this out (maybe make it speak to snort or something) because there are a lot of corporate proxies out there that don't support TLS 1.2, for example, which is a travesty that they're really downgrading your security.