Ingram Micro New Zealand

Ingram Micro helps businesses fully realize the promise of technology™—helping them maximize the value of the technology that they make, sell or use. With its vast global infrastructure and focus on cloud, mobility, supply chain and technology solutions, Ingram Micro enables business partners to operate more efficiently and successfully in the markets they serve.

No other company delivers as broad and deep a spectrum of technology and supply chain services to businesses around the world. Founded in 1979, Ingram Micro’s role as a leader and innovator in technology and supply chain services has fueled its rise to the 69th ranked corporation in the FORTUNE 500®

Menu
Why SSL inspection needs to become the new standard for businesses

Why SSL inspection needs to become the new standard for businesses

In a world where data security is key, it is vitally important that every business has the best protection possible for its incoming and outgoing data and that means using Secure Sockets layer (SSL) encryption, decryption and inspection.

In a world where data security is key, it is vitally important that every business has the best protection possible for its incoming and outgoing data and that means using Secure Sockets layer (SSL) encryption, decryption and inspection. However, it is now no longer enough to trust that encrypted data transmission is completely secure because hackers and other criminals have found a way to use it to their benefit.

Technology has reached an inflection point. Encrypted data transmission is now normal. It is no longer a complex additional function or system that costs extra. The use of SSL is now standard operating procedure but it can present challenges for security teams.

The broad uptake of encryption means some businesses have lost track of what is crossing through their gateway protection. 

SSL "protected" attacks are on the rise. With almost two-thirds of internet traffic now encrypted according to a recent report produced by Gartner, it was only a matter of time before criminals, nation states and other attackers began using encryption as a shield. Unsurprisingly, nearly two-thirds of malware attacks reported in 2017 used SSL to mask the damaging payload.

This means you need an SSL inspection tool that lets you verify encrypted packets, which enter your network, aren't carrying damaging payloads.

Recent research by Gartner, published in this year's Global Application & Network Security Report found that 35% of companies surveyed had experienced an SSL-based attack. That is a 50% increase on the previous year. Less than a third of the companies had the ability to defend against an SSL flood attack. Almost half were unsure if they had even been attacked in this way.

A phishing email may contain a downloader file that initially seems harmless. But when launched it creates an encrypted session to a command and control server that is used to deposit malware onto your computer. When all that traffic is protected by SSL, traditional security measures can’t detect and block the malicious activity.

NSS Labs Chief Technology Officer, Jason Brvenik, said, "Encryption does not protect us from all threats and, in fact, can make it easier for the adversary. Enterprises must be concerned if they are not decrypting and inspecting SSL traffic from untrusted sources".

In other words, if you aren’t using SSL inspection there is a gaping hole in your security policies.

Full SSL inspection, also known as deep inspection, is the only way to ensure data moving in and out of your network is legitimate. Initial uptake has been relatively slow because of the high costs associated with the processing power required to decrypt data on the fly without causing significant impact on users. Products capable of deep inspection were also hard to configure and expensive.

But newer solutions, such as the Fortinet FortiGate next generation firewall, can conduct this complex operation with negligible impact on users. Other similarly capable firewall and gateway protection equipment may increase network latency by almost 3000% with a drop in throughput speed of up to 95%, according to a recent independent study by NSS Labs.

There are two ways to deploy SSL inspection depending on the nature of the environment and the risks you are mitigating. It can be used to either inspect traffic between multiple servers and clients or to protect an SSL server.

SSL inspection can be resource intensive, even on devices that use custom hardware and  are specifically designed for the task. But by following best practice the inspection process can be optimised. 

Having an understanding of normal traffic patterns is important. By knowing how much traffic is expected and the percentage that is encrypted, you can work out where to deploy SSL inspection. That knowledge can also be used to limit the number of policies allowing encrypted traffic or to modify your policy to apply SSL inspection only where it is needed.

Although there are many firewall and edge-protection devices offering SSL inspection, choose devices that use custom-made hardware for SSL content scanning and SSL acceleration.

Testing is important. Be selective about how SSL inspection is deployed, Choose highest-risk traffic first and then gradually enable it.

In conclusion, there is little doubt SSL inspection is an essential tool in the ongoing battle to protect data from malicious actors and must, at all cost, and be considered by all businesses.

Contact the Ingram Micro team to see how they can help your business.

Read Fortinet's whitepaper on 'The rapid growth of SSL Encryption'


Read more from Ingram Micro:



Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags SSLSSL CertificatesSSL inspectionpayloadSSL encrypted file

Brand Post

Featured

Slideshows

Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Malwarebytes shoots the breeze with channel, prospects

Malwarebytes shoots the breeze with channel, prospects

A Kumeu, Auckland, winery was the venue for a Malwarebytes event for partner and prospect MSPs - with some straight shooting on the side. The half-day getaway, which featured an archery competition, lunch and wine-tasting aimed at bringing Malwarebytes' local New Zealand and top and prospective MSP partners together to celebrate recent local successes, and discuss the current state of malware in New Zealand. This was also a unique opportunity for local MSPs to learn about how they can get the most out of Malwarebytes' MSP program and offering, as more Kiwi businesses are targeted by malware.

Malwarebytes shoots the breeze with channel, prospects
Show Comments