
Ixia's Active SSL Sheds Light On Encrypted Traffic

By employing a network packet broker, tool can handle decryption/encryption without negatively impacting performance.

Zeus Kerravala

August 1, 2017

No Jitter


The job of a network manager is really hard and continues to get harder. Complexity has increased, new devices are connected at an alarming rate, and shadow IT has run amok in most companies. However, no trend has made the network manager's life more challenging than the rise of encrypted traffic.

Encryption is the ultimate Catch-22. At first it seems like a great idea in that SSL hides traffic from the bad guys. But then you quickly realize it enables those same hackers to hide threats from the monitoring and security tools that network managers rely on to manage and protect the network.

One solution is to have the tools decrypt, do whatever they're supposed to do, and then re-encrypt the traffic. But the SSL decryption/encryption process is processor-intensive and can bring the tools to their knees, so many network and security professionals let the encrypted traffic go by and hope and pray it isn't malicious. Last year, a ZK Research study found that almost 50% of organizations admit to turning security features off in favor of performance -- and encrypted traffic is a big contributor to that percentage.

Ixia offers up a better alternative to the encrypted traffic conundrum. Instead of turning a blind eye (literally) to the traffic or overburdening critical tools, Ixia's Active SSL feature lets a network packet broker handle the decrypt/encrypt process without negatively impacting performance.

The past several years have seen an explosion in the number of purpose-built network tools aimed at helping network managers understand what's happening on the network and how to secure it. The resulting tool sprawl has created a surge of interest in network packet brokers, which Ixia describes as a middleman for network monitoring traffic. These devices make adding new tools plug and play, performing the majority of the heavy lifting of traffic so the tools can do what they were meant to do and no more.

Ixia has added the Active SSL feature to its SecureStack software set that runs on its Vision One network packet brokers. Ixia's customers can use the platform to identify performance problems across physical and virtual networks as well as better secure the environment. Active SSL highlights include:

  • Operates at 1-, 2-, 4-, and 10-Gig capacities

  • Has a dedicated cryptographic co-processor

  • Works inline or out of band depending on the tools or place in the network

  • Is compatible with other Ixia filtering capabilities

Active SSL also uses something called "ephemeral keys" to provide forward secrecy and protect past and future data exchanges. Ephemeral keys are cryptographic keys generated for each execution of the key establishment process. The use of the ephemeral keys means traffic is decrypted, inspected, and re-encrypted before being sent back to the network.
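To make the ephemeral-key point concrete, here is an added example (not Ixia's code, and not from the original article) of a simplified Diffie-Hellman key establishment. It shows why a passive, out-of-band tool holding a copy of a server's long-term private key can follow a static-key exchange but not an ephemeral one, which is the reason inspection has to sit actively in the path. The toy group, the function names and the transcript layout are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group for illustration only: 2**255 - 19 is prime, but real TLS
# uses X25519, P-256 or the RFC 7919 groups, not this construction.
P = 2**255 - 19
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(own_priv, peer_pub):
    shared = pow(peer_pub, own_priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def handshake(server_priv=None):
    """One key establishment.

    server_priv=None: the server generates a fresh (ephemeral) key for this
    handshake. Otherwise the server reuses its long-term (static) key.
    Returns what a network tap would record, plus the agreed session key.
    """
    c_priv, c_pub = keypair()
    if server_priv is None:
        s_priv, s_pub = keypair()
    else:
        s_priv, s_pub = server_priv, pow(G, server_priv, P)
    key = session_key(s_priv, c_pub)
    assert key == session_key(c_priv, s_pub)  # both ends agree
    return {"client_pub": c_pub, "server_pub": s_pub}, key

def passive_tool_key(transcript, long_term_priv):
    """Key a passive monitor derives from a capture plus the long-term key."""
    return session_key(long_term_priv, transcript["client_pub"])

def demo():
    long_term_priv, _ = keypair()
    t_static, k_static = handshake(server_priv=long_term_priv)
    t_eph, k_eph = handshake()  # long-term key plays no part in the secret
    return {
        "static_visible": passive_tool_key(t_static, long_term_priv) == k_static,
        "ephemeral_visible": passive_tool_key(t_eph, long_term_priv) == k_eph,
        "sessions_differ": handshake()[1] != handshake()[1],
    }

if __name__ == "__main__":
    print(demo())
```

In real TLS with ephemeral key exchange the long-term key only signs the handshake, so the same outcome holds: possession of that key alone does not reveal any session key.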

Some organizations have shied away from encrypting traffic because of the overhead involved in doing so, but the IETF's Transport Layer Security (TLS) 1.0 standard, which uses ephemeral keys, improves both security and performance. With TLS, the use of encrypted traffic will likely accelerate, which is where Active SSL and other solutions can help bring light to a growing blind spot.

About the Author

Zeus Kerravala

Zeus Kerravala is the founder and principal analyst with ZK Research.

Kerravala provides a mix of tactical advice to help his clients in the current business climate and long-term strategic advice. Kerravala provides research and advice to the following constituents: end-user IT and network managers; vendors of IT hardware, software and services; and the financial community looking to invest in the companies that he covers.

Kerravala does research through a mix of end-user and channel interviews, surveys of IT buyers, investor interviews as well as briefings from the IT vendor community. This gives Kerravala a 360-degree view of the technologies he covers from buyers of technology, investors, resellers and manufacturers.

Kerravala uses the traditional online and email distribution channel for the research but heavily augments opinion and insight through social media including LinkedIn, Facebook, Twitter and blogs. Kerravala is also heavily quoted in business press and the technology press and is a regular speaker at events such as Interop and Enterprise Connect.

Prior to ZK Research, Zeus Kerravala spent 10 years as an analyst at Yankee Group. He joined Yankee Group in March of 2001 as a Director and left Yankee Group as a Senior Vice President and Distinguished Research Fellow, the firm's most senior research analyst. Before Yankee Group, Kerravala had a number of technical roles including a senior technical position at Greenwich Technology Partners (GTP). Prior to GTP, Kerravala had numerous internal IT positions including VP of IT and Deputy CIO of Ferris, Baker Watts and Senior Project Manager at Alex. Brown and Sons, Inc.

Kerravala holds a Bachelor of Science in Physics and Mathematics from the University of Victoria in British Columbia, Canada.