Specifically, the use of
ephemeral ciphersuites is not compatible with current enterprise
network monitoring tools such as Intrusion Detection Systems (IDS)
and application monitoring systems, which leverage the current TLS
RSA handshake to passively monitor intranet TLS connections made between
endpoints under the enterprise's control.
From Steve Fenter:
Section 1 Introduction, 2nd paragraph
Specifically, the use of ephemeral ciphersuites is not compatible with current enterprise network monitoring tools such as Intrusion Detection Systems (IDS) and application monitoring systems, which leverage the current TLS RSA handshake to passively monitor intranet TLS connections made between endpoints under the enterprise's control.
Add "to" between handshake and passively.