Under Attack?
Search
Menu

Visibility: Do You Know What’s In Your Network?

By Prakash SinhaSeptember 24, 2019

More than 70% of websites now use SSL encryption. The Google Transparency Report statistics below show a very rapid rise in adoptions of HTTPS for Chrome browser users worldwide.

Unfortunately, the security provided by SSL/TLS is also misused to attack applications by injecting malicious content and hide malware. SSL is also being used to facilitate data leakage from within an organization. HTTPS floods are now frequently used in many DDoS attack campaigns.

A Double Edged Sword

As more and more applications and websites use end-to-end encryption and adopt HTTP/S and TLS 1.3, the ability to inspect traffic has become an important element of the security posture. However, the encryption of traffic has made visibility challenging.

Most DDoS mitigation services do not actually inspect SSL traffic, as doing so would require decrypting the traffic. Gaining visibility to SSL/TLS traffic also requires extensive server resources. Mitigating SSL attacks thus poses several challenges, including the burden of implementing encryption and decryption mechanisms at every point where traffic needs to be inspected.

[You may also like: High-Performance Visibility into SSL/TLS Traffic]

Encryption and decryption at many different points in the traffic data path not only adds latency to the traffic, but is also expensive and problematic to scale.

However, despite all the challenges, SSL/TLS remain the standards for ensuring secure communications and commerce on the web.

In order to detect any application security issues before your customers experience them, it is essential to have an end-to-end monitoring capability that provides actionable insights and alerts through visualization.

[You may also like: Detecting and Mitigating HTTPS Floods…Without Decryption Keys]

As application delivery controllers are deployed at the intersection of the network and applications, ADCs can act in conjunction with your edge protection solutions to detect and mitigate an encrypted security attack or prevent leakage of proprietary information.

Conclusion

Even though you may be protected by the most advanced firewall technology, your existing security mechanisms may still fail to see into encrypted SSL/TLS traffic. You should deploy enterprise security solutions that enhances your existing security posture to gain visibility into the encrypted traffic and prevent encrypted attacks on your organization.

Read “Flexibility Is The Name of the Game” to learn more.

Download Now

Posted in: Application DeliveryTags:

Prakash Sinha

Prakash Sinha is a technology executive and evangelist for Radware and brings over 29 years of experience in strategy, product management, product marketing and engineering. Prakash has been a part of executive teams of four software and network infrastructure startups, all of which were acquired. Before Radware, Prakash led product management for Citrix NetScaler and was instrumental in introducing multi-tenant and virtualized NetScaler product lines to market. Prior to Citrix, Prakash held leadership positions in architecture, engineering, and product management at leading technology companies such as Cisco, Informatica, and Tandem Computers. Prakash holds a Bachelor in Electrical Engineering from BIT, Mesra and an MBA from Haas School of Business at UC Berkeley.

Related Articles

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
Close

What are you looking for?