“Visibility into encrypted traffic is key to protecting applications and securing data and an SSL/TLS orchestration solution can provide high-performance decryption and encryption of outbound TLS traffic – without slowing your traffic down.”

Do nothing: “We can hold our breath and pray they don’t find us but it’s not likely or smart,” said McCullough.

“Attackers are increasingly concealing their code in traffic that security devices cannot see – the ‘do nothing’ option is a recipe for disaster.”

Deploy a decryption air gap: Decryption ‘air gaps’ are where security teams decrypt inbound and outbound traffic before passing it through a daisy chain of security inspection devices and then re-encrypting it.

“This approach may uncover the hidden malware so that it is at least seen, but it also creates a red zone where user passwords are transmitted into the open,” said McCullough.

Orchestrate: When applying policy-based decryption and traffic steering to both inbound and outbound traffic, companies can conduct their ‘orchestra’ of security devices. A high-performing SSL/TLS orchestration solution can improve visibility and protect apps while increasing the security, efficiency and resilience of the security stack.

Jacobsz explained: “Outbound traffic flows into the SSL/TLS orchestration device, which decrypts it. Then, based on a set of customisable rules, the encryption traffic passes directly to the associated chain of security devices.

“Traffic is scanned and cleared by the security devices and it goes back to the SSL/TLS orchestration device, which re-encrypts it and sends it on its way.

McCullough added: “The current growth of hidden malware within encrypted traffic is cause for concern. Without visibility into SSL/TLS traffic, you’re going to be facing some serious blind spots in your security, which could lead to data breaches, financial losses and damage to the corporate brand.

“It is essential to regain visibility into this traffic – allowing malware-scanning and prevention devices to protect apps and the network. Much like a conductor who needs to see every musician in the orchestra, enjoying better visibility means increased performance and less risk.”

Hackers have quickly evolved their approaches and found a way to introduce hidden and malicious codes.

Jacobsz, Managing Director at Networks Unlimited