Inspecting SSL for security | Cloud-Based Platform AIONCLOUD

AIONCLOUD BLOG

Share information related to AIONCLOUD !

Back to BLOG Main

Inspecting SSL for security

The part that is easy to overlook in data encryption is the data 'transmission' section. Encryption is meaningless if encryption is not performed throughout the data transmission period. The data is encrypted in DB and device, but if it is transmitted in plain text, the security is not applied at all. SSL/ TLS encrypted communication is used to protect the transmission data, and the ratio is expected to increase steadily, and by 2017, 50% of web traffic is expected to be encrypted. In particular, more than 70% of government agencies requiring high security level use all encrypted transactions. SSL has been around for over 20 years and security vulnerabilities have been reported frequently. Heartbleed, which hit over the world in 2014, is fatal security vulnerability in the popular OpenSSL that could steal server keys to decrypt the encrypted data. OpenSSL has been a serious problem because it is used by two thirds of the world's web servers and it uses a lot of network and security devices. Since then, vulnerabilities such as poodles have arisen, and environments protected by strong security technologies such as the US government homepage have also been hacked. However, SSL leads to delay network response time, and it is also used for intelligent attacks that hide malware in encrypted traffic. Gartner predicts that by 2017, more than 50% of attacks on corporate networks will use SSL, which bypasses security. Most network and security devices pass encrypted traffic without decryption. This is because performance degrades during decryption, which hinders business continuity. When the proportion of the encrypted traffic was not high among all the traffic, the security threat of the encrypted traffic was managed by detecting the abnormal behavior of the traffic through the internal monitoring system. If half of the incoming traffic is encrypted traffic, it is impossible to detect threats with the internal monitoring system alone. In the future, the use of encrypted traffic will become even more important, so it is urgent to ensure the visibility of all encrypted traffic.

Scroll Up