It is the time of the year where adults and children alike put on costumes and go out to gather candy or create mischief. The costumes are scary or cute, but always achieve the goal of obfuscating the individual and hiding their true identity and intent. The person wearing the costume does not express their goal until they are interacting with their target.
Encryption of content on the internet serves the same purpose. People and devices are surfing the internet and accessing applications owned by different businesses. These businesses do not know the intent of the user connecting to their application unless they are using various IT security inspection solutions such as next-generation firewalls (NGFW), intrusion prevention systems (IPS), and web application firewalls (WAF). Encryption of the content makes it impossible for these security solutions to inspect the traffic for malicious behavior unless they have the ability to decrypt the connection to expose the clear-text information within the payload.
Trick or treat?
Encrypted content makes it hard to determine who the user is. It is even harder to determine the intent of the user. Encryption makes everyone look similar when surveying the field. Many of the identifying keys that security solutions use are hidden within the encrypted payload.
This makes it essential for businesses to use technologies that can unencrypt the content to discover the real purpose of the user. Decryption removes the costume to reveal the person’s true goal. Once the content is decrypted, the existing security solutions can do their job to identify the potential threats.
Don’t throw out the good with the bad
Not all encrypted connections hide malicious intent. There are good reasons to use encryption as well. People want privacy to protect their personal information such as medical or financial records. Encryption provides data integrity to ensure that the information received is exactly what was sent.
A proper solution is needed to address the positive and negative goals of encryption, alike. We need to inspect the encrypted traffic for the malicious content while protecting the information of the legitimate users. Most of the costumed people are friendly and looking for treats, but we need to be able to identify and stop the few people that may want to throw eggs at your house or worse.
The solution is not unlike the security checkpoints at the airport. A universal system to decrypt the traffic at one centralized location can decrypt the content, perform an initial triage analysis and then steer the traffic to the different security solutions as unencrypted data. Once the security solutions have performed their task, the content is re-encrypted and sent on to its destination.
Encryption is agnostic
Encryption has neither good nor bad intent. It is designed to hide the intent of the content that is being obfuscated. The technology is doing the same job the holiday costumes are performing for the people. There is a reason the content is encrypted, and it is up to the business to determine the intent whether the user is looking for that trick or treat.
Read “Keep It Simple; Make It Scalable: 6 Characteristics of the Futureproof Load Balancer” to learn more.
Frank Yue is Director of Solution Marketing, Application Delivery for Radware. In this role, he is responsible for evangelizing Radware technologies and products before they come to market. He also writes blogs, produces white papers, and speaks at conferences and events related to application networking technologies. Mr. Yue has over 20 years of experience building large-scale networks and working with high performance application technologies including deep packet inspection, network security, and application delivery. Prior to joining Radware, Mr. Yue was at F5 Networks, covering their global service provider messaging. He has a degree in Biology from the University of Pennsylvania.