Part 3: Understanding how encrypted traffic inspection plays a key defense
While encryption technologies have been key tools for ensuring web traffic stays private and secure, cybercriminals are also using encryption to hide malware and execute web-based attacks.
Inspecting encrypted traffic is more critical than ever before to keep modern business networks secure. Yet, detecting suspicious web traffic for malicious content is not as straightforward as it seems.
First, networks have evolved to support new ways of working. That means security operations are much more complex today. Employees are using a mix of personal and company-issued devices, connecting to networks from multiple locations. At the same time, small and mid-size businesses (SMBs) may be in various stages of cloud-enabling their operations — and security measures may not be keeping pace. Managed service providers (MSPs) and managed security service providers (MSSPs) may be dealing with a range of traditional, on-premise security appliances that simply aren’t effective against encrypted web threats.
Next, in order to see inside encrypted data flows, traffic is decrypted as it enters and exits networks, then typically scanned for threats, and re-encrypted. You can imagine the costs and network performance considerations with the sheer amount of data that needs to be processed for growing, modern workforces.
Bandwidth and latency are key issues. In fact, latency caused by some security appliances that are designed to inspect traffic and protect networks can be so severe that businesses may turn off web traffic inspection features entirely. According to Gartner, it’s turned off in 90% of unified threat management (UTM) appliances.
Even worse, when faced with perf ..
Support the originator by clicking the read the rest link below.
