High-Performance Visibility into SSL/TLS Traffic

May 2, 2018 — by Fabio Palozza

Protection of your business’s confidential information and prevention of data breaches are crucial to supporting successful business operations. This necessarily involves taking that extra step to safeguard all forms of communication, including streaming videos, social media interactions, and email messages, against security threats. With SSL/TLS, you can establish secure communication with your business associates and customers. Unfortunately, cyber criminals use SSL/TLS as a tunnel to hide malware from security devices. That’s why even though you may be safeguarded by the most advanced firewall technology and your IDS/IPS is aware of a vast number of vulnerabilities, your existing defense mechanisms may still fail to see into encrypted SSL/TLS traffic. Therefore, you should deploy enterprise security solutions that have the capability to gain visibility into the encrypted traffic and prevent malware from gaining entry into your network.

Such solutions should provide high-performance visibility into your business’s SSL/TLS traffic. They should address the vulnerabilities that result from the widespread use of SSL/TLS while enabling security tools to scrutinize traffic and detect breaches and leaks. Ideally, the solution that you choose should function as a centralized switching point for all perimeter network security mechanisms: it should channel the decrypted traffic between the various tools and then re-encrypt it before sending it to the destination server. The effectiveness of such solutions should be judged in terms of their scalability and availability for various malware detection tools.

Features and Benefits: What you should look for in such solutions

  • Complete Visibility into SSL/TLS Traffic: The centralized solution should enhance your data security while further strengthening your security infrastructure. The solution should come equipped with a high-capacity SSL hardware engine and should be able to decrypt and re-encrypt traffic efficiently while several security tools conduct a thorough inspection. The solution is expected to provide high performance, reducing the latency of all transactions. The solution should support comprehensive inspection of both inbound and outbound SSL traffic.
  • SSL Traffic Inspection in Higher Volumes: The most advanced solutions come equipped with hardware-based SSL engines that can handle SSL/TLS transactions efficiently and process multiple gigabits of SSL traffic per second. Computational resources come under a heavy workload when they have to process higher volumes of traffic with stronger encryption ciphers, so you need a more efficient encryption algorithm based on elliptic curve cryptography.
  • Scalability and Availability: The solution that you choose should come with load balancing capabilities, which allow it to balance the load of each security server separately and ensure a seamless flow of traffic through the most available server. The solution should also let you define whether traffic should be blocked under certain circumstances or whether bypassing an unresponsive security service is acceptable.
  • Granular Traffic Examination: You should go for a solution that lets different chains of security devices inspect different traffic flows. This is mainly done with granular filters that classify traffic into different categories. This allows you to avoid inspecting traffic that you consider safe and to save security resources to a large extent.
  • Employee Privacy Protection: Safeguarding your employees’ privacy is crucial to maintaining your goodwill. You need to make sure that you avoid traffic inspection when your employees access private information online, such as personal banking or healthcare. The solution should be able to classify traffic instantly and determine whether the traffic should be allowed to circumvent decryption and inspection, which not only ensures user privacy but also reduces the load handled by security tools.
  • Centralization of Encryption and Decryption Processes: The solution that you choose should come equipped with advanced application classification capabilities that would allow it to channel traffic to several third-party security solutions for thorough inspection. The centralization of the encryption-decryption process allows for performance maximization, minimizing latency and simplifying the security infrastructure management process.
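The following sketch is an added example, not code from the article or from any vendor's product. It models how the load-balancing, failure-handling, granular-filter and privacy-bypass decisions described above combine for a single flow. The category names, hostnames, service names, and the use of the TLS SNI hostname as the classification key are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed policy data (assumptions for this example, not product values).
BYPASS_CATEGORIES = {"banking", "healthcare"}   # never decrypted (privacy)
HOST_CATEGORY = {"bank.example": "banking", "clinic.example": "healthcare",
                 "files.example": "file-sharing", "news.example": "news"}
# Granular filters: which chain of security services inspects which category.
CHAINS = {"file-sharing": ["ips", "dlp"], "default": ["ips"]}
# Per-service behaviour when no instance of that service responds.
ON_FAILURE = {"ips": "block", "dlp": "bypass"}

@dataclass
class Instance:
    name: str
    healthy: bool
    active_flows: int

def pick_instance(instances):
    """Least-loaded healthy instance, or None if the service is unresponsive."""
    healthy = [i for i in instances if i.healthy]
    return min(healthy, key=lambda i: i.active_flows, default=None)

def decide(sni, pool):
    """Return (action, steering list) for one TLS flow, keyed on its SNI."""
    category = HOST_CATEGORY.get(sni.lower().rstrip("."), "uncategorized")
    if category in BYPASS_CATEGORIES:
        return ("bypass-decryption", [])        # stays encrypted end to end
    steering = []
    for service in CHAINS.get(category, CHAINS["default"]):
        inst = pick_instance(pool.get(service, []))
        if inst is not None:
            steering.append(inst.name)
        elif ON_FAILURE[service] == "block":
            return ("block", [])                # fail closed: drop the flow
        # otherwise fail open: skip the unresponsive service
    return ("decrypt-inspect-reencrypt", steering)

# Constructed pool state: the only DLP instance is down, one IPS is down.
POOL = {"ips": [Instance("ips-1", True, 40), Instance("ips-2", True, 12),
                Instance("ips-3", False, 0)],
        "dlp": [Instance("dlp-1", False, 0)]}
```

The per-service failure setting is the part to review most carefully: a "bypass" value means traffic reaches its destination uninspected by that tool whenever it is down.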

You should do business with a service provider that would offer you a lot of choices with regard to deployment, which would allow the solution to be seamlessly integrated in your organization’s network. Additionally, the solution should allow for easy monitoring and configuration and superior inspection coverage so that you can assess the utilization of your security infrastructure, envisage SSL traffic patterns, identify issues, and understand the causes. Your service provider should offer you support in all forms at every stage of implementation and operation. Your solution provider should assist you with phone support, software upgrades, hardware upkeep, and on-site backing. Make sure that you have a dedicated team assigned to you to help you make the most out of the solution.

Fabio Palozza

Fabio is Technical Director EMEA-CALA, responsible for Systems Engineering in the theater. He has long experience: he began his career in software development for aerospace systems before moving into the IT vendor ecosystem with Bay Networks/Nortel and Juniper Networks, rising to Technical Director EMEA for the Telecom, Cloud and Content businesses. Fabio writes about technology strategy, trends and implementation.

5 comments

  • Paulo Fernando Ribeiro

    May 2, 2018 at 6:09 pm

    Agreed that the feature of SSL/TLS decrypt is fantastic when we search for a granulated inspection, but, in my opinion, some markets like banks are still resistant to using it due to a thought that the data inspected can be stored and then used to leak information, exposing the possible breaches of that institution. The breach is not in the solution/appliance itself, but in the non-commitment of its operators; the human factor is proven to be the weaker link within companies, because they can try to manipulate the information in their own favor.
    Radware is providing amazing solutions to be used against the most recent threats and attacks!
    Congrats!
