Ensuring security in an application and network environment

Malicious traffic could be infecting your systems this very moment…

The intention behind encryption is a noble one, and IT industry giants around the world have been tightening their noose on hackers by utilizing the technology to protect data and personal privacy.

In fact, current figures show that more than half the traffic on the Internet is encrypted – this should be a good thing.

But it can also be a double-edged sword. According to a 2016 report from A10 Networks, 50 percent of all cyberattacks carried out this year would likely be using encryption; a tactic employed by hackers to hide their invasive activities from installed security platforms.

With up to 70 percent of traffic now marked by encryption, it would be fair to say that the internet is in the midst of a Secure Sockets Layer (SSL) encryption explosion. While there may be many reasons for such rapid growth in the fostering of SSL encryption – from garnering favourable page rankings in a Google search, to a significant lack of ATS support influencing App listings in the Apple App store – oversights regarding traffic encryption can directly affect business revenue.

“Although SSL is used to protect legitimate communications containing sensitive data, it can also hide more nefarious behavior from inspection,” notes the report.

Cyber criminals now use it to hide activities from IT security tools, which typically can’t inspect or analyse encrypted communications.

“Malicious insiders have been hiding from corporate security measures for years by using encrypted communications,” it adds. “Increasing use of secure, cloud-based storage has made data exfiltration even easier, allowing insiders to exfiltrate sensitive data while evading data loss prevention and other monitoring solutions.”

For business leaders investing in potential SSL inspection partners, this means performance, compliance, availability and security must be core considerations.

Performance, for one, is a critical characteristic of any newly-implemented business solution, particularly when that solution must emulate ever-increasing loads. Of course, ever-increasing SSL inspection keys require rising levels of computing power, which could ultimately affect network performance and drive corporations to turn them off altogether.

Despite the fact that many firewalls and threat solutions are capable of decrypting SSL traffic, the majority are inadequate when it comes to keeping pace with emerging demands of decryption.

Fact is that an absence of SSL inspection means your organization is vulnerable to attacks, leaving it open to costly downtime, loss of sales, customer backlash and a compromise of intellectual property – not to mention the hefty costs attached to fixing data breaches, as well as patching up a bruised and damaged reputation.

“Protection against encrypted threats starts with incline encryption,” adds the A10 Networks report. “An SSL inspection appliance decrypts the traffic, sends it to one or more security solutions (UTM, IDS/IPS, firewall, etc) and then passes it back through another partition to encrypting it again.”

The report states that this process helps phase out the well-documented degradation that firewalls encounter when organizing all encrypted traffic.

“At the same time,” it adds, “the data in question is only exposed to the security device(s), ensuring that compliance and data privacy requirements are maintained. Policies can even be set up to allow specific data, like patient health records, to remain encrypted to comply with relevant mandates,” the report concludes.

On top of supporting the performance of your new business solution, the best defense your company can have is an SSL inspection platform that also complies to these criteria:

• The tool satisfies compliance mandates, categorizing web traffic in terms of type while ensuring confidential data remains encrypted;
• It supports complex deployment requirements and is able to decrypt traffic from multiple devices;
• The platform is able to maximize security infrastructure uptime and capacity, enabling advanced monitoring that allows it to rapidly identify network and application errors;
• It must securely handle SSL certificates and keys, integrating with third-party SSL certificate management solutions that discover and control certificates;
• The tool must also be able to decrypt all standards-compliant encrypted traffic, with techniques like 4096-bit SSL keys, elliptic curve ciphers, Perfect Forward Secrecy (PFS), and others are being enforced to guard against prying eyes.

As a global leader in application networking, A10 Networks offers a diverse portfolio of application networking solutions that assist corporations when it comes to safeguarding data center applications, while also ensuring their business networks remain available, accelerated and secure.

A10’s Thunder SSL solutions, which recently won the grand prize at Interop Tokyo 2017, presents invaluable benefits, providing transparency when it comes to encrypted traffic and helping prevent potential threats. It is a tool that lets business leaders analyze all network data – including those that have been influenced by dangerous encryptions.

A10’s unique SSL Insight allows you and your business to:

• Eradicate blind spots in corporate defense strategies by decrypting SSL traffic at incredibly high speeds
• Maximize uptime by load-balancing multiple third-party security appliances
• Scale performances and throughput to quickly, efficiently and successfully counter attempted cyberattacks
• Prevent expensive data breaches and loss of intellectual property by detecting advanced threats in the quickest way possible

“A10 Thunder SSLi can perform both inline and out-of-band decryption. It can perform at 40 Gbps, conduct dynamic port interception of SSL traffic and handle load balancing to scale security infrastructure. Built-in ICAP support can decrypt traffic for tools such as AV scanners,” the report explains.

“With A10 Thunder SSLi, it is possible to stay safe from an increasingly common type of cyberattack. Encrypted malware, DDoS and command-and-control infrastructure can all be kept at bay with A10 Thunder SSLi’s advanced capabilities.”

A10’s report also cites that last year’s total number of attacks grew by 132 percent from the previous year, proving the value of SSL inspection to be undeniable. But if your chosen investment falls short of your business’s security needs, your organization could wind up to be the next victim of attacks – and that is where A10’s Thunder SSLi will not let you down.