What are you doing to inspect encrypted traffic?

By Ronald Sens, EMEA Director, A10 Networks.

Tuesday, 15th May 2018 Posted 6 years ago in by Phil Alsop

Many adversaries to enterprise cybersecurity are using sophisticated encryption tactics to bypass defences and infiltrate networks. Enterprises are trying to fight back by employing HTTPS and using SSH, as well as other advanced protocols for data exfiltration. SSH, for example, is often used for remote management access because it performs well. But, when nearly 70 percent of all enterprise traffic is encrypted, understanding what’s hiding inside that traffic is imperative. So, what can you do to inspect that traffic?

The first step is to come up with an enterprise threat model so that you can easily look at and assess a threat, then outline the techniques that your adversaries are going to use. For example, The Mitre corporation developed one that they call attack matrix and as you go through and look at the attack matri