Encrypted traffic is flowing through your organization. It’s a fact. An estimated 70 percent of all traffic is encrypted. And many businesses have no way of knowing what’s going on inside because they’re not decrypting and inspecting SSL (Secure Sockets Layer) traffic.
That means malware, ransomware and other threats could be hiding in plain sight and infiltrating your network. You could also be subject to insider abuse and data exfiltration where encryption is the vehicle through which sensitive corporate data is smuggled out.
Here are questions every business should ask itself about decryption. If you answer “yes” to any one of these questions, your business needs a dedicated decryption solution.
Threat actors can hide malware inside encrypted traffic. Period. It’s the classic “out of sight, out of mind” trick – they assume that if you don’t see it, you won’t know it’s there. A recent Ponemon Institute survey found that 40 percent of all cyberattacks are concealed in encrypted traffic
Examining encrypted traffic helps you root out encrypted threats and can also help prevent insider abuse and data exfiltration by breaking and inspecting all SSL encrypted traffic. Don’t let data theft and leaks like the recent HBO hack expose your sensitive info.
All decryption solutions aren’t created equal. You’ve heard about the SSL decryption and SSL inspection performance tax. Your decryption solution should decrypt traffic across all TCP ports and then enable third-party security devices to analyze all traffic without compromising performance.
That means you won’t pay the decryption tax and the performance of your other network security solutions, like firewalls, won’t suffer.
Your decryption solution should decrypt traffic across all TCP ports and enable third-party security devices to analyze all traffic without compromising performance. This gives security devices the chance to not only inspect and report any malicious file, but also, if necessary, to block the traffic in real-time and reset the communication channel. Your solution should then re-encrypt the traffic and send it to its intended destination. This eliminates the blind spot introduced by encrypted traffic.
Again, if your answer to any of these questions was “yes,” then your business needs dedicated SSL decryption/inspection. A10 Thunder® SSL Insight (SSLi®) is a dedicated decryption solution that decrypts traffic and enables security devices to analyze all enterprise traffic without compromising performance. It decrypts traffic across all standard TCP ports and advanced protocols, such as SSH, STARTTLS, XMPP, SMTP and POP3.
And because Thunder SSLi is a full-proxy solution, ciphers can be re-negotiated to ciphers of similar strength to prepare for future ciphers or TLS versions – that means when TLS 1.3 launches, your application and site won’t break.
Thunder SSLi is also the only decryption solution on the market that supports up to four internal HSMs, and multiple external HSMs to secure private keys.
And to help prevent unauthorized data exfiltration, Thunder SSLi supports ICAP connectivity enabling your existing data loss prevention (DLP) systems without requiring the purchase of additional solutions.
A10 Thunder SSLi brings visibility into encrypted traffic to ensure concealed threats don’t pass into or out of your network.
For more information on A10 Thunder SSLi, download our data sheet.
Andrew Hickey served as A10's editorial director. Andrew has two decades of journalism and content strategy experience, covering everything from crime to cloud computing and all things in… Read More
Seeing is believing. Schedule a live demo today.