SSL Decryption
HTTPS Inspection
> Enable visibility into your encrypted traffic blind spots.
Encryption protects data from being viewed in transit over the Internet - but it also creates a serious blind spot for threats, malware, Data Loss Prevention (DLP) and other regulatory or compliance risks
Our solution monitor and control all communications channels – including remote access (PPTP, L2TP, IPSec VPN), e-mail (SMTP), Web (HTTP/HTTPS), File Transfer Protocol (FTP), Secure Sockets Layer (SSL), and Web 2.0 applications such as webmail, blogs, and wikis.
> Protects online businesses from SSL based-DDoS attacks
(both high rate DoS & DDoS and "low & slow" attacks)
> FIPS 140-2 Level 2 & 3 compliant solution
> Use SSL decryption to inspect traffic for use in logging, forensics and analysis
Modern applications that use SSL communications by default – such as SharePoint, Exchange, WebEx, Salesforce.com and Google Apps – are commonplace and rapidly growing. Even hosted and mobile email applications such as Gmail, Yahoo and Zimbra utilise SSL encryption by default in today's workplace environments.
While encrypting the web session protects the data from being viewed in transit over the Internet, it also creates a serious blind spot for threats, malware, DLP, and other regulatory or compliance risks.
As a result, organisations need complete visibility into the SSL network traffic on their Enterprise Networks, and the ability to preserve complete web histories from encrypted web traffic for compliance, regulatory and logging requirements.
> Stops rogue applications (e.g., IM and P2P) that use SSL to subvert enterprise controls and security measures.
> Scans SSL-encrypted traffic for viruses, worms, and Trojans, and stops them at the gateway.
> Prevents spyware from installing or communicating over SSL.
> Halts secured phishing and pharming attacks that use SSL to hide from IT controls or increase the appearance of authenticity.
> Accelerates approved and safe SSL-encrypted traffic.
> Takes a granular approach to proxying SSL for applications of different trust levels and privacy concerns: pass through, check/verify then pass through, or proxy with full visibility and control.
> Displays splash screens reminding users of acceptable use, and warns them that monitoring extends to SSL.
> Stops information leakage over SSL links through scanning of encrypted traffic for sensitive information.
> Relieve / off load Datacentres and Backend servers from the CPU-intensive tasks of encrypting and decrypting.
Inspect all common tunnelling protocols including PPTP, L2TP, IPSec, SSL and on-demand host integrity checking enable inspection of encrypted content, such as traffic sent over VPN connections.
> SSL Acceleration 4096-Bit SSL Performance
To prevent cyber-attacks, enterprises need to inspect incoming and outgoing traffic for threats. Unfortunately, attackers are increasingly turning to encryption to evade detection. With more and more applications using encrypting data. Organizations that do not inspect SSL communications are providing an open door for attackers to infiltrate defences and for malicious insiders to steal sensitive data.
Encrypting and decrypting network traffic is a very CPU-intensive task for servers. The initial session setup in particular, demands the most of a CPU. The general purpose CPUs of server hardware will take a significant hit when a website migrates towards 2048-bit or higher SSL keys. When upgrading from 1024-bit to 2048-bit keys, the CPU usage typically increases 4 - 7 times. For 4096-bit keys, server CPUs are bound to reach their limits at typical volumes.
> Reduce Certificate Management
The administration of certificates can be a daunting task, when many servers use a separate certificates. Moving the SSL termination point to an SSL appliance greatly reduces operational cost for time spent managing certificates and reduces human operational errors.
Also See
> SSL Decryption Manged Service
> SSL Certificates
Contact us today to discuss your requirements in more detail.
P: +44(0)7714 209927
S: +44(0)1273 329753
|
info@securenetconsulting.co.uk
|