Part 3: Understanding how encrypted traffic inspection plays a key defense
While encryption technologies have been key tools for ensuring web traffic stays private and secure, cybercriminals are also using encryption to hide malware and execute web-based attacks.
Inspecting encrypted traffic is more critical than ever before to keep modern business networks secure. Yet, detecting suspicious web traffic for malicious content is not as straightforward as it seems.
First, networks have evolved to support new ways of working. That means security operations are much more complex today. Employees are using a mix of personal and company-issued devices, connecting to networks from multiple locations. At the same time, small and mid-size businesses (SMBs) may be in various stages of cloud-enabling their operations — and security measures may not be keeping pace. Managed service providers (MSPs) and managed security service providers (MSSPs) may be dealing with a range of traditional, on-premise security appliances that simply aren’t effective against encrypted web threats.
Next, in order to see inside encrypted data flows, traffic is decrypted as it enters and exits networks, then typically scanned for threats, and re-encrypted. You can imagine the costs and network performance considerations with the sheer amount of data that needs to be processed for growing, modern workforces.
Bandwidth and latency are key issues. In fact, latency caused by some security appliances that are designed to inspect traffic and protect networks can be so severe that businesses may turn off web traffic inspection features entirely. According to Gartner, it’s turned off in 90% of unified threat management (UTM) appliances.
Even worse, when faced with performance impact or more costs and complexity, some companies may choose not to deploy any services to inspect encrypted web traffic.
The reality is, for deep inspection of encrypted traffic, MSPs and MSSPs need advanced cloud-based security strategies that won’t impact performance for SMB customers who rely on the cloud — and won’t create new maintenance headaches and added costs.
All of these factors create gaps in protection, increase the chances of malicious encrypted web traffic bypassing your security defenses, and fuel a massive volume of successful encrypted web attacks.
In our What’s Hiding in SSL/TLS Traffic? white paper, we look at the challenges with encrypted web traffic inspection, the types of attacks that are growing due to lack of realistic inspection techniques, and modern security strategies to help MSPs and MSSPs respond with a smart defense.
One thing is certain, if you ever question the need for inspecting encrypted traffic, one look at the web attacks gaining traction today may change your mind.
Here are just a few examples:
As MSPs and MSSPs will agree, securing Internet traffic today goes well beyond traditional security measures of the past and inspection plays a critical role. The fact is, facing inspection challenges head-on with a firewall like the Secure Internet Gateway will help prevent encrypted web attacks on your customers’ networks.
We created our white paper, What’s Hiding in SSL/TLS Traffic?, as a guide to understanding the factors driving encrypted web attacks and how to evaluate the right inspection technologies and security measures to stay well ahead of these attacks. Be sure to get your free copy today.
The new Avast Cybersecurity Basics Training Quiz provides training on Data Security, Identity Management, and Social Media Security
How SMBs can effectively protect their networks from cyberthreats – without breaking their security budgets