If You Answer ‘Yes’ to Any of These Questions, You Need Dedicated Decryption
Encrypted traffic is flowing through your organization. It’s a fact. An estimated 70 percent of all traffic is encrypted. And many businesses have no way of knowing what’s going on inside that traffic because they’re not decrypting and inspecting it.
That means malware and other threats could be hiding in plain sight and infiltrating your network. You could also be subject to insider abuse and data exfiltration where encryption is the vehicle through which sensitive corporate data is smuggled out.
Still think you don’t need to decrypt and inspect that traffic?
Here are questions every business should ask itself about decryption. If you answer “yes” to any one of these questions, your business needs a dedicated decryption solution.
1. Are you concerned about your ability to detect encrypted threats, insider abuse or data exfiltration?
Threat actors can hide malware inside encrypted traffic. Period. It’s the classic “out of sight, out of mind” trick – they assume that if you don’t see it, you won’t know it’s there. A recent Ponemon Institute survey found that 40 percent of all cyberattacks are concealed in encrypted traffic
Examining encrypted traffic helps you root out encrypted threats and can also help prevent insider abuse and data exfiltration by breaking and inspecting all encrypted traffic. Don’t let data theft and leaks like the recent HBO hack expose your sensitive info.
2. Do you have an existing decryption solution or next-gen firewall that can decrypt encrypted traffic? Does the performance degrade when you decrypt?
All decryption solutions aren’t created equal. You’ve heard about the decryption and inspection performance tax. Your decryption solution should decrypt traffic across all TCP ports and then enable third-party security devices to analyze all traffic without compromising performance.
That means you won’t pay the decryption tax and the performance of your other network security solutions, like firewalls, won’t suffer.
3. Is your current decryption solution able to support your entire security infrastructure?
Your decryption solution should decrypt traffic across all TCP ports and enable third-party security devices to analyze all traffic without compromising performance. This gives security devices the chance to not only inspect and report any malicious file, but also, if necessary, to block the traffic in real-time and reset the communication channel. Your solution should then re-encrypt the traffic and send it to its intended destination. This eliminates the blind spot introduced by encrypted traffic.
A10 Thunder SSLi to the Rescue
Again, if your answer to any of these questions was “yes,” then your business needs dedicated decryption. A10 Thunder SSLi is a dedicated decryption solution that decrypts traffic and enables security devices to analyze all enterprise traffic without compromising performance. It decrypts traffic across all standard TCP ports and advanced protocols, such as SSH, STARTTLS, XMPP, SMTP and POP3.
And because Thunder SSLi is a full-proxy solution, ciphers can be re-negotiated to ciphers of similar strength to prepare for future ciphers or TLS versions – that means when TLS 1.3 launches, your application and site won’t break.
Thunder SSLi is also the only decryption solution on the market that supports up to four internal HSMs, and multiple external HSMs to secure private keys.
And to help prevent unauthorized data exfiltration, Thunder SSLi supports ICAP connectivity enabling your existing data loss prevention (DLP) systems without requiring the purchase of additional solutions.
A10 Thunder SSLi brings visibility into encrypted traffic to ensure concealed threats don’t pass into or out of your network.
For more information on A10 Thunder SSLi, download our data sheet.