infoTECH Feature

April 16, 2015

Is SSL Hurting More Than Helping Middle East Organizations?

By TMCnet Special Guest
Glen Ogden, Regional Sales Director, Middle East at A10 Networks

SSL encryption is a double-edged sword for many organizations in the Middle East. It bolsters security by providing confidentiality and message integrity. It also enables organizations to verify the identity of application owners and allows applications to authenticate users with client certificates. Unfortunately, encryption can also be used by attackers to infiltrate enterprises.

Encryption puts organizations at risk. Hackers leverage encryption to conceal their exploits from security devices like firewalls, intrusion prevention systems, forensics solutions, and more that can’t keep up with increasing SSL decryption demands or that cannot decrypt SSL traffic at all because of their location in the network.

According to a recent Gartner survey, “less than 20 percent of organizations with a firewall, an intrusion prevention system (IPS) or a unified threat management (UTM) appliance decrypt inbound or outbound SSL traffic.” This means that hackers can evade over 80 percent of an organization’s network defenses simply by tunneling attacks in encrypted traffic.

SSL/TLS is the New Default Transportation Protocol

SSL usage has become ubiquitous, and many leading websites now encrypt every web request and response. In fact, 48 percent more of the million most popular websites used SSL in 2014 than a year earlier. However, the transition from 1024- to 2048-bit SSL key lengths, combined with growing SSL bandwidth demands, has burdened security devices that decrypt SSL traffic. The impact of decryption on security devices is startling. Analysis by NSS Labs reveals that 2048-bit SSL ciphers “caused a mean average of 81 percent in performance loss” for seven leading next-generation firewalls.

However, encrypted traffic is often not protected with intrusion protection technology. Cyber tools are not protecting the organization’s assets and are letting encrypted traffic pass through the network unchecked.

But wait a minute—didn’t we solve SSL performance problems in the data center years ago? Specialized appliances, load balancers, application delivery optimization, and offloading of CPU-intensive SSL encryption processes all aim to address these issues. In addition, however, organizations need modern tools to secure and optimize their modern firewalls and cyber protections.


To help organizations decrypt and inspect SSL traffic without degrading network performance, third-party security devices can be used to inspect encrypted traffic and eliminate the blind spot imposed by SSL encryption.

These security devices have the capabilities to:

  • Uncover cyberattacks hidden in SSL traffic
  • Maximize uptime by load-balancing multiple third-party security appliances
  • Scale performance and throughput to successfully counter advanced threats
  • Deploy best-of-breed content inspection solutions to fend off attacks and malware

In today’s work environment, more and more network traffic is being encrypted. As information technology managers, we need to ensure the correct information is being protected and that the necessary infrastructure is in place to protect the organization. Managed correctly, SSL traffic can provide the necessary protections without exposing vulnerabilities in the company’s security infrastructure.




Edited by Stefania Viscusi
