SSL Inspection; With the increase of encrypted Web communication usage (HTTPS) on the Internet, cyber threats have found a new channel through which they can gain access into an enterprise network and the sensitive information it contains without being detected.
This evolution requires existing attack mitigation solutions to have real-time visibility into Web traffic traveling through the network over encrypted outbound sessions, where the organization may not have access to the server’s encryption keys.
This challenge is especially relevant for data leakage prevention (DLP), intrusion detection systems (IDS) and advanced threat protection (ATP) which normally do not have visibility into encrypted traffic, creating significant blind spots in the protection they provide.
When systems offer visibility into encrypted traffic, this ability comes with the high cost of an 80-90% performance impact, making these systems un-economical. Radware offers a unified solution that uniquely addresses these challenges and requirements. Based on its advanced SSL capabilities and performance, Alteon decrypts SSL sessions at high speeds.
The decrypted traffic is then steered to any content inspection security solution such as firewalls, anti-malware, data leakage protection, and so on. Sessions that pass through the security inspection are then re-encrypted and forwarded to the Internet towards its destination. Alteon can provide visibility into SSL traffic for both Inbound and Outbound traffic.
While SSL encrypted traffic is on the rise (over 80% is encrypted in most organizations) hackers are taking advantage of that, generating cyber-attacks through SSL(Radware SSL Inspection License) encrypted communication.
However, the perimeter security solutions comprised from various modules such as a Firewall, DDoS protector, IPS, and web security gateway all face a costly dilemma – inspect SSL encrypted traffic and lose up to 80% of their designed capacity due to the processing of SSL encryption decryption, or have a blind spot, letting SSL traffic pass through uninspected. Moreover, even if each of the module was to inspect the SSL traffic, doing it separately by each model not only adds cost, it also adds latency and more potential points of failure
SSL Inspection License
In order to relieve Web servers in an organization’s data center of the burden of encrypting/decrypting data sent via a secure socket layer (SSL) security protocol – the security protocol that is implemented in every Web browser - SSL offloading sends the process to a separate device to perform the coding/decoding task.
This additional SSL offload device is specifically designed to perform SSL inspection acceleration and termination. Radware’s Alteon SSL inspection solution provides a simple one-box solution for offloading traffic encryption/decryption processing for both inbound and outbound traffic.
Alteon SSL Inspect acts as a central switching point for all perimeter network security modules, significantly reducing latency of SSL encrypted. Security managers can easily chain and provision security services with highly granular policy options per user profile, with simple out-of-the box wizards.
Alteon SSL Inspect supports scalable and flexible security services deployment and reduces overall security solution costs via offloading decryption and re-encryption of SSL encrypted traffic.
Radware’s patented SSL inspection technology embedded in Alteon and combined with its transparent traffic steering functionality offers a high capacity, advanced and flexible SSL traffic inspection solution that is simple to deploy and delivers the following benefits:
Fast, Accurate and Simple SSL Inspect Maintenance Quick visibility into SSL traffic patterns, SSL handshake statistics and valuable information into the root cause of SSL Inspection problems if and when they occur.