If You Answer ‘Yes’, You Need Dedicated SSL Inspection

Encrypted traffic is flowing through your organization. It’s a fact. An estimated 70 percent of all traffic is encrypted. And many businesses have no way of knowing what’s going on inside because they’re not decrypting and inspecting SSL traffic.

That means malware, ransomeware and other threats could be hiding in plain sight and infiltrating your network. You could also be subject to insider abuse and data exfiltration where encryption is the vehicle through which sensitive corporate data is smuggled out.

Still think you don’t need SSL Inspection?

Here are questions every business should ask itself about decryption. If you answer “yes” to any one of these questions, your business needs a dedicated decryption solution.

1. Concerned about your ability to detect SSL encrypted threats, data exfiltration?

Threat actors can hide malware inside encrypted traffic. Period. It’s the classic “out of sight, out of mind” trick – they assume that if you don’t see it, you won’t know it’s there. A recent Ponemon Institute survey found that 40 percent of all cyberattacks are concealed in encrypted traffic

Examining encrypted traffic helps you root out encrypted threats and can also help prevent insider abuse and data exfiltration by breaking and inspecting all SSL encrypted traffic. Don’t let data theft and leaks like the recent HBO hack expose your sensitive info.

2. Does your existing SSL decryption solution degrade network performance?

All decryption solutions aren’t created equal. You’ve heard about the SSL decryption and SSL inspection performance tax. Your decryption solution should decrypt traffic across all TCP ports and then enable third-party security devices to analyze all traffic without compromising performance.

That means you won’t pay the decryption tax and the performance of your other network security solutions, like firewalls, won’t suffer.

3. Does your SSL inspection solution support your security infrastructure?

Your decryption solution should decrypt traffic across all TCP ports and enable third-party security devices to analyze all traffic without compromising performance. This gives security devices the chance to not only inspect and report any malicious file, but also, if necessary, to block the traffic in real-time and reset the communication channel. Your solution should then re-encrypt the traffic and send it to its intended destination. This eliminates the blind spot introduced by encrypted traffic.

A10 SSL Inspection to the Rescue

Again, if your answer to any of these questions was “yes,” then your business needs dedicated SSL decryption/inspection. A10 Thunder® SSL Insight (SSLi®) is a dedicated decryption solution that decrypts traffic and enables security devices to analyze all enterprise traffic without compromising performance. It decrypts traffic across all standard TCP ports and advanced protocols, such as SSH, STARTTLS, XMPP, SMTP and POP3.

And because Thunder SSLi is a full-proxy solution, ciphers can be re-negotiated to ciphers of similar strength to prepare for future ciphers or TLS versions – that means when TLS 1.3 launches, your application and site won’t break.

Thunder SSLi is also the only decryption solution on the market that supports up to four internal HSMs, and multiple external HSMs to secure private keys.

And to help prevent unauthorized data exfiltration, Thunder SSLi supports ICAP connectivity enabling your existing data loss prevention (DLP) systems without requiring the purchase of additional solutions.

A10 Thunder SSLi brings visibility into encrypted traffic to ensure concealed threats don’t pass into or out of your network.

For more information on A10 Thunder SSLi, download our data sheet.

Categories:

|
August 30, 2017

About Andrew Hickey

Andrew Hickey serves as A10's editorial director. Andrew has two decades of journalism and content strategy experience, covering everything from crime to cloud computing and all things in between. READ MORE