Cyber Defense eMagazine January 2020 Edition

More documents

Recommendations

Info

40 The Ultimate Guide to SSL/TLS Decryption Six Features to Consider When Evaluating SSL/TLS Inspection Solutions By Babur Khan, Technical Marketing Engineer, A10 Networks Encrypted traffic accounts for a large and growing percentage of all internet traffic. While the adoption of Secure Sockets Layer (SSL), and its successor, Transport Layer Security (TLS), should be cause for celebration – as encryption improves confidentiality and message integrity – these protocols also put your organization at risk as they create encrypted blind spots that hackers can use to conceal their exploits from security devices that are unable to inspect SSL/TLS traffic. The threat of SSL/TLS blind spots is a serious one. According to a Ponemon survey, legacy security infrastructure is not built to take care of these evolved, hidden attacks, and almost two out of three organizations are not able to decrypt and inspect their SSL/TLS traffic. To stop cyberattacks, you need to gain insight into encrypted data; to gain insight into encrypted data, you need a dedicated security platform that can decrypt SSL/TLS traffic and send it to the security stack for inspection in clear text. This paper describes six features to consider when evaluating an SSL/TLS inspection platform. With this information, you will be able to easily define evaluation criteria and avoid common deployment pitfalls. 40
41 The current state of insecurity Worldwide spending on information security will exceed a staggering $124 billion in 2019 as organizations stack up security products around their network perimeters. Unfortunately, as SSL traffic increases, our collective $124+ billion investment in security is falling far short of protecting all our digital assets. Attackers are wising up and taking advantage of this gap in corporate defenses. In fact, as much as 70% of cyberattacks will use encryption as part of their delivery mechanisms by 2019. As a result, companies that do not inspect SSL communications are providing an open door for attackers to infiltrate defenses and steal data. <strong>Cyber</strong>criminals can use encryption to hide the delivery of malware as well as the extraction of data, which leaves legacy security devices blind to data breaches. Such breaches can have a disastrous impact on your company’s reputation and brand, and you could be subject to disciplinary action and fines. For instance, over 200,000 computers worldwide were affected by last year’s WannaCry ransomware attack most notably, Britain’s National Health Service (NHS), causing serious disruptions in the delivery of health services across that nation. To prevent cyberattacks, enterprises need to inspect all traffic and encrypted traffic in particular, for advanced threats such as WannaCry. Existing security solutions can’t hack it While some security solutions can decrypt SSL/TLS traffic, many are collapsing under growing SSL/TLS bandwidth demands and SSL key lengths. Today, the use of 2048-bit SSL keys has become common, and the impact is startling. NSS Labs looked at how decryption impacts performance in its 2018 SSL/TLS Performance Tests. They measured product performance with a Next Generation Firewall (NGFW) with decryption turned on versus turned off and found significant performance degradation and increased latency in the tested products. • A 92% drop in the average connection rate. Connection degradation ranged from 84% to 99%.5 • An increase in latency in the average application response time of 672%. Latency ranged from 99% to 2,910%. • A 60% drop in the average throughput. Throughput degradation ranged from 13% to 95%. The importance of being earnest…when evaluating ssl/tls inspection platforms To eliminate the SSL/TLS blind spot in corporate defenses, you should provision a solution that can decrypt SSL/TLS traffic and enable all security products that analyze network traffic to inspect the encrypted data. You must carefully evaluate all the features and performance of your SSL/TLS inspection platform before selecting a solution. If you deploy an SSL/TLS inspection platform in haste, you might be blindsided later by escalating SSL bandwidth requirements, deployment demands or regulatory implications. 41
Page 1 and 2: 1 Best Practices for Building A Com
Page 3 and 4: 3 CONTENTS Welcome to This Very Spe
Page 5 and 6: @CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8: 7 7
Page 9 and 10: 9 9
Page 11 and 12: 11 11
Page 13 and 14: 13 Your website could be vulnerable
Page 15 and 16: 15 15
Page 17 and 18: 17 17
Page 19 and 20: 19 19
Page 21 and 22: 21 A further challenge arises from
Page 23 and 24: 23 About the Author Haythem Hammour
Page 25 and 26: 25 Focus on detection Although prev
Page 27 and 28: 27 What’s the Security Misconfigu
Page 29 and 30: 29 As more and more businesses begi
Page 31 and 32: 31 Industries under threat Accordin
Page 33 and 34: 33 How to Know If Someone Is Watchi
Page 35 and 36: 35 you are running in the backgroun
Page 37 and 38: 37 These stats make it clear why sm
Page 39: 39 · Provide staff especially thos
Page 43 and 44: 43 3. Support heterogeneous network
Page 45 and 46: 45 • Enables troubleshooting of i
Page 47 and 48: 47 It’s not just medical research
Page 49 and 50: 49 Europe Cybersecurity Market Size
Page 51 and 52: 51 Some of the key vendors in the E
Page 53 and 54: 53 Iot Security and Privacy Securit
Page 55 and 56: 55 information such as DNA informat
Page 57 and 58: 57 Lessons Learned Unlike newer pro
Page 59 and 60: 59 Seven Security Predictions For 2
Page 61 and 62: 61 will target state and local vote
Page 63 and 64: 63 7) Attackers Will Find New Vulne
Page 65 and 66: 65 Certification Programs There are
Page 67 and 68: 67 Fraud: A Look Back At 2019 And W
Page 69 and 70: 69 technologies. They’re also col
Page 71 and 72: 71 • A list of valid credentials
Page 73 and 74: 73 Making the Transition The shift
Page 75 and 76: 75 to get a view on the entire IT e
Page 77 and 78: 77 The Decade Ahead for Cybersecuri
Page 79 and 80: 79 About the Author Matthew Gyde is
Page 81 and 82: 81 datacenters before heading out t
Page 83 and 84: 83 About the Author Paul Martini is
Page 85 and 86: 85 85
Page 87 and 88: 87 87
Page 89 and 90: 89 89
Page 91 and 92:
91 91
Page 93 and 94:
93 93
Page 95 and 96:
95 95
Page 97 and 98:
97 97
Page 99 and 100:
99 99
Page 101 and 102:
101 101
Page 103 and 104:
103 You asked, and it’s finally h
Page 105 and 106:
105 TRILLIONS ARE AT STAKE No 1 INT
Page 107 and 108:
107 107
Page 109 and 110:
109 109
Page 111 and 112:
111 111
show all

Cyber Defense eMagazine January 2020 Edition

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?