Ingram Micro New Zealand

Ingram Micro helps businesses fully realize the promise of technology™—helping them maximize the value of the technology that they make, sell or use. With its vast global infrastructure and focus on cloud, mobility, supply chain and technology solutions, Ingram Micro enables business partners to operate more efficiently and successfully in the markets they serve.

No other company delivers as broad and deep a spectrum of technology and supply chain services to businesses around the world. Founded in 1979, Ingram Micro’s role as a leader and innovator in technology and supply chain services has fueled its rise to the 69th ranked corporation in the FORTUNE 500®

Menu
Why SSL inspection needs to become the new standard for businesses

Why SSL inspection needs to become the new standard for businesses

In a world where data security is key, it is vitally important that every business has the best protection possible for its incoming and outgoing data and that means using Secure Sockets layer (SSL) encryption, decryption and inspection.

In a world where data security is key, it is vitally important that every business has the best protection possible for its incoming and outgoing data and that means using Secure Sockets layer (SSL) encryption, decryption and inspection. However, it is now no longer enough to trust that encrypted data transmission is completely secure because hackers and other criminals have found a way to use it to their benefit.

Technology has reached an inflection point. Encrypted data transmission is now normal. It is no longer a complex additional function or system that costs extra. The use of SSL is now standard operating procedure but it can present challenges for security teams.

The broad uptake of encryption means some businesses have lost track of what is crossing through their gateway protection. 

SSL "protected" attacks are on the rise. With almost two-thirds of internet traffic now encrypted according to a recent report produced by Gartner, it was only a matter of time before criminals, nation states and other attackers began using encryption as a shield. Unsurprisingly, nearly two-thirds of malware attacks reported in 2017 used SSL to mask the damaging payload.

This means you need an SSL inspection tool that lets you verify encrypted packets, which enter your network, aren't carrying damaging payloads.

Recent research by Gartner, published in this year's Global Application & Network Security Report found that 35% of companies surveyed had experienced an SSL-based attack. That is a 50% increase on the previous year. Less than a third of the companies had the ability to defend against an SSL flood attack. Almost half were unsure if they had even been attacked in this way.

A phishing email may contain a downloader file that initially seems harmless. But when launched it creates an encrypted session to a command and control server that is used to deposit malware onto your computer. When all that traffic is protected by SSL, traditional security measures can’t detect and block the malicious activity.

NSS Labs Chief Technology Officer, Jason Brvenik, said, "Encryption does not protect us from all threats and, in fact, can make it easier for the adversary. Enterprises must be concerned if they are not decrypting and inspecting SSL traffic from untrusted sources".

In other words, if you aren’t using SSL inspection there is a gaping hole in your security policies.

Full SSL inspection, also known as deep inspection, is the only way to ensure data moving in and out of your network is legitimate. Initial uptake has been relatively slow because of the high costs associated with the processing power required to decrypt data on the fly without causing significant impact on users. Products capable of deep inspection were also hard to configure and expensive.

But newer solutions, such as the Fortinet FortiGate next generation firewall, can conduct this complex operation with negligible impact on users. Other similarly capable firewall and gateway protection equipment may increase network latency by almost 3000% with a drop in throughput speed of up to 95%, according to a recent independent study by NSS Labs.

There are two ways to deploy SSL inspection depending on the nature of the environment and the risks you are mitigating. It can be used to either inspect traffic between multiple servers and clients or to protect an SSL server.

SSL inspection can be resource intensive, even on devices that use custom hardware and  are specifically designed for the task. But by following best practice the inspection process can be optimised. 

Having an understanding of normal traffic patterns is important. By knowing how much traffic is expected and the percentage that is encrypted, you can work out where to deploy SSL inspection. That knowledge can also be used to limit the number of policies allowing encrypted traffic or to modify your policy to apply SSL inspection only where it is needed.

Although there are many firewall and edge-protection devices offering SSL inspection, choose devices that use custom-made hardware for SSL content scanning and SSL acceleration.

Testing is important. Be selective about how SSL inspection is deployed, Choose highest-risk traffic first and then gradually enable it.

In conclusion, there is little doubt SSL inspection is an essential tool in the ongoing battle to protect data from malicious actors and must, at all cost, and be considered by all businesses.

Contact the Ingram Micro team to see how they can help your business.

Read Fortinet's whitepaper on 'The rapid growth of SSL Encryption'


Read more from Ingram Micro:



Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags SSLSSL CertificatesSSL inspectionpayloadSSL encrypted file

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments