TECH TALK

Encrypted traffic accounts for a large and growing percentage of all network traffic. While the adoption of SSL, and its successor, Transport Layer Security( TLS), should be cause for celebration – as encryption improves confidentiality and message integrity – it also puts organisations at risk. This is because hackers can leverage encryption to conceal their exploits from security devices that do not inspect SSL traffic, writes Mohammed Al-Moneer, Regional Director, MENA, A10 Networks.

The importance of being earnest … When evaluating SSL inspection platforms To eliminate the SSL blind spot in corporate defences, organisations should provision solutions that can decrypt SSL traffic – both inbound traffic to corporate servers and outbound traffic from internal users to the Internet – and allow all security products that analyse network traffic to inspect encrypted data. Organisations must carefully evaluate the features and performance of SSL inspection platforms before selecting a solution. If IT security teams deploy SSL inspection platforms in haste, they might be blindsided later by escalating SSL bandwidth requirements, deployment demands or regulatory implications.

Because SSL inspection potentially touches so many different security products – from firewalls and intrusion prevent systems( IPS) to data loss prevention( DLP), forensics, advanced threat prevention and more – organisations must develop a list of criteria and evaluate SSL inspection platforms against these criteria before selecting a solution. SSL inspection platforms should:

Meet current and future SSL performance demands Performance is perhaps the most important evaluation criteria for SSL inspection platforms. Organisations must assess their current Internet bandwidth requirements and ensure that their SSL inspection platform can handle future SSL throughput requirements. When

78 INTELLIGENTCIO www. intelligentcio. com