itb-nz logo
Story image

7 modern security problems you can solve with Encrypted Traffic Management

09 Jun 2016

Unchecked encrypted traffic in enterprise networks presents a growing risk for every business. As the use of SSL/TLS encrypted communications continues to grow, so does risk due to hidden threats. Security leaders are beginning to realise the implications of network encryption and its impact on the effectiveness of the entire security infrastructure. 

Blue Coat has identified a few challenges plaguing security and network teams and how the right Encrypted Traffic Management (ETM) solutions can help:

1. Limited encrypted traffic visibility that enables data loss and exfiltration

Most of today’s Data Loss Protection (DLP) devices are blind to SSL traffic, which leaves networks at a high risk. Advanced ETM solutions can intelligently feed devices like DLP technologies with decrypted SSL traffic allowing them do their job more effectively and expose critical data movement and potential exfiltration. This reduces overall risk while helping maintain data privacy and industry compliance (i.e. HIPAA, PCI, and Sarbanes-Oxley).

2. Incomplete sandboxing that can’t analyse all malicious threats

It is now possible for organisations to manage encrypted traffic by feeding both decrypted and unencrypted traffic to anti-malware or sandboxing solutions for more complete threat analysis, and increase the number of malware detections isolated.

3. Inadequate intrusion protection that won’t stop attacks

IDS/IPS solutions cannot see or stop threats hidden within encrypted traffic, which creates dangerous blind spots. Automatically identifying all SSL traffic based on an organisations policy, feeds decrypted flows—as well as all non-SSL traffic and SSL traffic that policy determined should be left encrypted—to IDS/IPS solutions so they can better detect and eliminate advanced threats without hindering the device performance. This is especially important due to the rapid rise in nefarious Command and Control (C&C) traffic that utilise SSL and originate from inside an organisation’s network.

4. Weak network forensics that can’t monitor and capture sophisticated attacks

Encryption makes it difficult for security analytics or network forensic tools to monitor and detect network breaches and targeted attacks. With the right ETM solutions you can now more effectively analyse all network traffic for suspicious network and attacker behaviour. Blue Coat’s ETM solutions does this and also allows for the prompt response and remediation of compromised network assets and devices.

5. Decentralised SSL decryption that adds complexity and cost

With a comprehensive policy engine, Blue Coat’s SSL Visibility Appliance provides decrypted content of SSL flows to existing security appliances such as DLP, NGFW, IPS, content analysis, network forensics and more, so you can easily get the full visibility and control you need to fight SSL-borne threats. This approach does not require any special software or APIs on the security devices in the infrastructure.

6. SSL traffic decryption and inspection that really slows you down

This can be managed by ensuring automatic visibility of all SSL traffic without affecting the performance of the network or requiring complex scripting and rule sets. An efficient ETM solution can actually increase network security device performance, by taking away the process-intensive burden of SSL inspection. This also preserves and extends the return-on-investment (ROI) of existing security devices, making them more effective in seeing all traffic, applications and potential threats.

7. Adhering to growing data privacy and compliance demands

As data privacy continues to grow as a critical business concern, IT Security teams struggle with how to balance it with maintaining strong network security. The best ETM solutions provide a comprehensive policy engine that keeps all products up-to-date with threat intelligence, website and traffic categorisation. Only a solution that selectively decrypts the suspicious and malicious SSL/TLS traffic, while allowing known good traffic to pass through in its encrypted state is able to deliver security and high performance.

Advanced enterprise security provider, Blue Coat Systems offers a white-paper on the above modern security problems - you can download it here.

Download image
Why there's a huge push for NFV in today's enterprises
To help networking and IT professionals better understand the opportunities and challenges associated with deploying NFV technology, new research based on responses from more than 1,300 IT and networking professionals from around the world is now available. More
Story image
16 reasons why you should move your backup to a NZ-hosted solution
It turns out that our own backyard has plenty of advantages over other international locations.More
Story image
Cloud breaches set to increase in velocity and scale - Accurics
“While the adoption of cloud native infrastructure such as containers, serverless, and servicemesh is fuelling innovation, misconfigurations are becoming commonplace and creating serious risk exposure for organisations."More
Story image
Video: 10 Minute IT Jams - Who is Milestone Systems?
In this interview, Techday speaks with Milestone Systems director of Asia Pacific sales Jordan Cullis, who discusses the ins and outs of the company's solutions, its focus on certain product development trends, and the company's infrastructure and resources.More
Link image
Need to gain the first-to-market advantage in 5G technologies?
Streamline your workflow across test domains including protocol, radio frequency (RF)/radio resource management (RRM), and functional and performance testing with software that’s right for you.More
Download image
Strengthen the weakest link in your security chain
Globalisation. Remote working. High-turnover workforces. These factors and more add up to make increasingly dynamic workforces - and without proper management, your business could fall behind.More