Gigamon says it can analyze attacker SSL traffic without hitting performance
Gigamon, based in Santa Clara, California, says it has developed a capability to deeply analyze all SSL/TLS (Secure Sockets Layer/TransportTransport Layer SecuritySecurity) traffic. Alles zu Security auf CIO.de Top-Firmen der Branche Transport
SSL/TLS is the cornerstone of Web security, encrypting data between a client and a server. If the traffic is intercepted, it appears as gibberish unless the person has the corresponding private encryption key required to decrypt it.
Analyst Gartner predicts that attackers will increasingly use encryption in order to try to evade security products, from around 5 percent of network attacks using encryption today to 50 percent by 2017.
Many organizations now want to have visibility on the encrypted traffic, so are deploying SSL proxies, which are incorporated into a firewall or a load balancer, said Ananda Rajagopal, Gigamon's vice president for product management.
The proxy terminates the SSL session with a remote server and initiates a new one, which gives it an accessible private key, Rajagopal said. It means that all SSL traffic can now be analyzed for traits that might indicate an attack is underway.