Implementing Network Packet Brokers for SSL Decryption and Inspection
January 28, 2013
Given the volume of traffic between systems and applications, network security has become challenging for security analysts who need to monitor the network environment for signs of attacks and intrusions. While encryption provides a level of confidentiality and privacy, it also leaves security analysts at a standstill because they can’t see the contents without help.
In response to more advanced threats, modern network monitoring and security intelligence tools like network packet brokers are beginning to include SSL decryption features, providing visibility into SSL-encrypted tunnels, according to a white paper by Dave Shackleford.
Enterprise security and operations teams have a myriad of options for SSL inspection, including integrated SSL decryption in network monitoring tools, integrated SSL decryption in network proxies, and brokering encrypted packets as required. However, the bigger challenge is addressing both outbound and inbound SSL with these platforms.
“Most of the time, proxies are only configured to decrypt and inspect outbound traffic, and there are just as many inbound SSL flows that security and network teams may want to inspect,” the paper explained.
Instead, a better option for most enterprises is using network packet broker devices that perform decryption of traffic and send it to existing network and security platforms for clear text analysis.
“This approach saves resources on all platforms and can help add new control points for traffic shaping and direction within the network,” the report added.
With a scalable, system-based approach to a network packet broker, users can significantly increase visibility into the traffic taking place in their network, drive operational efficiency, and see much better ROI.
For example, VSS Monitoring provides network packet brokers that allow organizations to make the best use of network monitoring and security. With the company’s vMesh architecture, up to 256 appliances can be interconnected to form a fully redundant, self-healing, and scalable packet brokering fabric, providing complete network visibility and data access and a greater ROI overall.