
7 modern security problems you can solve with Encrypted Traffic Management

09 Jun 2016

Unchecked encrypted traffic in enterprise networks presents a growing risk for every business. As the use of SSL/TLS encrypted communications continues to grow, so does the risk from hidden threats. Security leaders are beginning to realise the implications of network encryption and its impact on the effectiveness of the entire security infrastructure.

Blue Coat has identified a few challenges plaguing security and network teams and how the right Encrypted Traffic Management (ETM) solutions can help:

1. Limited encrypted traffic visibility that enables data loss and exfiltration

Most of today’s Data Loss Protection (DLP) devices are blind to SSL traffic, which leaves networks at high risk. Advanced ETM solutions can intelligently feed devices like DLP technologies with decrypted SSL traffic, allowing them to do their job more effectively and expose critical data movement and potential exfiltration. This reduces overall risk while helping maintain data privacy and industry compliance (e.g. HIPAA, PCI, and Sarbanes-Oxley).

2. Incomplete sandboxing that can’t analyse all malicious threats

It is now possible for organisations to manage encrypted traffic by feeding both decrypted and unencrypted traffic to anti-malware or sandboxing solutions for more complete threat analysis, increasing the number of malware detections isolated.

3. Inadequate intrusion protection that won’t stop attacks

IDS/IPS solutions cannot see or stop threats hidden within encrypted traffic, which creates dangerous blind spots. By automatically identifying all SSL traffic, an ETM solution can, based on an organisation’s policy, feed decrypted flows (as well as all non-SSL traffic and SSL traffic that policy determined should be left encrypted) to IDS/IPS solutions so they can better detect and eliminate advanced threats without hindering device performance. This is especially important due to the rapid rise in nefarious Command and Control (C&C) traffic that utilises SSL and originates from inside an organisation’s network.

4. Weak network forensics that can’t monitor and capture sophisticated attacks

Encryption makes it difficult for security analytics or network forensic tools to monitor and detect network breaches and targeted attacks. With the right ETM solutions you can now more effectively analyse all network traffic for suspicious network and attacker behaviour. Blue Coat’s ETM solutions do this and also allow for the prompt response and remediation of compromised network assets and devices.

5. Decentralised SSL decryption that adds complexity and cost

With a comprehensive policy engine, Blue Coat’s SSL Visibility Appliance provides decrypted content of SSL flows to existing security appliances such as DLP, NGFW, IPS, content analysis, network forensics and more, so you can easily get the full visibility and control you need to fight SSL-borne threats. This approach does not require any special software or APIs on the security devices in the infrastructure.

6. SSL traffic decryption and inspection that really slows you down

This can be managed by ensuring automatic visibility of all SSL traffic without affecting the performance of the network or requiring complex scripting and rule sets. An efficient ETM solution can actually increase network security device performance by taking away the process-intensive burden of SSL inspection. This also preserves and extends the return-on-investment (ROI) of existing security devices, making them more effective in seeing all traffic, applications and potential threats.

7. Adhering to growing data privacy and compliance demands

As data privacy continues to grow as a critical business concern, IT Security teams struggle with how to balance it with maintaining strong network security. The best ETM solutions provide a comprehensive policy engine that keeps all products up-to-date with threat intelligence, website and traffic categorisation. Only a solution that selectively decrypts the suspicious and malicious SSL/TLS traffic, while allowing known good traffic to pass through in its encrypted state, is able to deliver security and high performance.

Advanced enterprise security provider Blue Coat Systems offers a white paper on the above modern security problems; you can download it here.
