SSL Traffic Inspection: Needed Visibility But At What Cost?

Presented by

Barbara Filkins, Sr. SANS Analyst; Parth Jagirdar, A10 Networks

About this talk

We all agree encryption on network traffic is necessary, both to improve the confidentiality and integrity of the information in motion as well as to comply with numerous regulations (like HIPAA). But while we think of it as being used for good, it can also be used for evil. Hackers can use it to hide malicious intent, whether stealing data sent via email or to cloud storage to protecting malware C&C communications. Given the growth in both the use of network-based encryption and network attacks targeting encrypted traffic to bypass controls, how can organizations keep up? Simply turning on SSL inspection in a NG firewall can substantially degrade performance. Buying a new firewall is a costly endeavor. SANS will explore the concerns faced by an organization that realizes it must improve visibility into its encrypted traffic, laying out both the business and the technical issues and how to approach both.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (89)
Subscribers (7660)
We provide secure, scalable application services for on-premises, cloud, and edge-cloud environments to deliver better business outcomes that support investment protection, new business models, and help future-proof infrastructures.​​