https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Encryption Key

Enterprise-Class SSL and TLS Decryption: Why You Need to See the Unseeable

  • Written by Channel
  • February 15, 2017
Encryption can be used for good — or, it can conceal attackers’ activities.

Corey WilburnBy Corey Wilburn

If asked, nearly every customer would prefer that their communications, and those of their employees and clients, be as private and secure as possible. That’s the point of using strong encryption. However, there is a dark side: According to a study by A10 Networks and Ponemon, titled “Uncovering Hidden Threats Within Encrypted Traffic,” about 67 percent of Internet traffic was encrypted in 2016, up from 29 percent in 2015. And, among respondents to the study who said they were victims of a cyberattack in the preceding 12 months, nearly half claimed the attack leveraged SSL traffic to evade detection.

Other security studies, including the SonicWall annual report, also show that encrypted data is becoming an easy and increasingly common way to conceal malware, viruses and other damaging content. It’s safe to assume that more than half of encrypted traffic contains something unwanted or dangerous. 

What’s even more concerning is that, as more companies become focused on and anxious about security, and more stories spread about the scary things out there trying to steal your data, many tech watchers expect to see even more encryption, perhaps more than 70 percent of all Internet traffic in the next year.

It’s clearly worth advising customers to be cautious and ask: Why is this entity sending me a file using strong encryption? Are they doing something dangerous, illegal or generally up to no good? Are they plotting against us? Without SSL inspection in place to answer those questions, a business could fall victim to the kind of encrypted traffic that has malicious intent behind it.

We Need More Visibility

Many standard firewalls can’t see what’s inside encrypted data packets. Rather than drop them, packets are often “waved in” without being thoroughly inspected by antivirus tools or other monitoring systems. Once inside a customer’s environment, delivered to an endpoint and clicked on by an unsuspecting target, the malicious payload is free to run amok and wreak havoc.

More and more firewalls do contain methods to decrypt traffic as it passes through, but this feature is often considered an add-on, with an extra cost, and is limited in its ability to properly handle decrypting a large amount of inbound/outbound traffic. The decryption and encryption process takes a fair amount of computational overhead, depending the strength of the encryption. Processing these tasks on a machine that is also doing many other functions can create bottlenecks and reduce the availability of networking services.

We know the problem. What’s the answer?

Managed Security Services: The Next Opportunity: Join 5,500 of your colleagues at the Channel Partners Conference & Expo and get access to our education session on how to enter a market predicted to reach $29.9 billion by 2020. Check out the lineup!

My company, IT solutions provider Data Endure, works with some top security providers, including Symantec. While most notable as a market leader in personal and enterprise antivirus products, AV is not the only game Symantec plays. Over the years it has continued to grow its pool of technologies via internal development and acquisitions. Today, the company offers other useful protections against more advanced threats, including email and advanced security challenges.

Symantec recently acquired Blue Coat, which brings us to the conversation of hardware and software solutions that are mainly geared to manage encrypted traffic. Blue Coat was a market leader in the arena of SSL decryption and built a great business tackling that problem for its customers. While there are a number of firewalls that do SSL interception and inspection of encrypted traffic, I’ll use the Symantec/Blue Coat product set as my example of what to look for, because we partner with them.

Symantec’s flagship product, Proxy SG, sits as a decryption proxy in the customer environment, comes packed with useful features and is deployable in both on-premises and cloud models. You can tune intelligent policy decisions for customers based on reputation, whitelist and blacklist methodologies so that you are selectively decrypting, blocking or allowing traffic while at the same time protecting your customer’s privacy. For example, say the company allows end users to log in to their online banking applications while in the office; you could set the proxy to pass that through traffic untouched.

The acquisition of Blue Coat is also expanding Symantec’s coverage in the realms of reputation-based decisions, updates and automatic tuning of the system.

Symantec’s Global Intelligence Network, always a bit of secret sauce for partners, is a global array of sensors that feed threat telemetry back to the mother ship. This real-time threat information is then tapped into by a few of Symantec’s core products. Blue Coat’s integration into Symantec’s Global Intelligence Network will be a win-win on both technology fronts. (A look at the combined Symantec Secure One and Blue Coat partner program is here.)

It’s important to remember that integrating a technology such as this into a customer network should not be done lightly. Come prepared, and get some outside help if you need it. There is a good amount tuning required, not to mention focused conversations on what the company’s decryption policy is going to be. But one thing is for sure: It’s time to talk to customers about the dark side of encryption.

Corey Wilburn is the security practice manager at DataEndure, where he specializes in the design of strategic solutions, aimed at delivering high-value operational intelligence, leveraging best-in-class products as well as services built around current and emerging standards.

Tags: Agents Business Models Cloud Security

Most Recent


  • Making Waves
    7 Channel People Making Waves This Week at Datto, New Relic, Kyndryl, More
    Our No.1 story was a video segment highlighting IBM.
  • Fireworks
    Cybersecurity Experts: July 4th Weekend Ripe for Ransomware, Other Attacks
    Russia definitely has motivation to exploit the July 4th holiday in some way.
  • Unemployed, laid off
    Qumulo Confirms Layoffs, Citing Economic Conditions, Reaching Profitability
    Qumulo has raised $351 million in funding at a valuation of more than $1.2 billion.
  • Software patch
    Tetra Defense: Unpatched Systems Behind Costliest Cyberattacks in Q1
    Log4J/Log4Shell is still being actively exploited.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • White House
    White House Urges Companies to Take Ransomware Attacks More Seriously
  • Security shield on digital background
    VMware Security Connect Focused on Redefining Security, Increasing Threats
  • Fortune 500 2021 logo
    AT&T, Microsoft, Verizon, More Tech, Telco Companies Make Latest Fortune 500
  • SDN
    Windstream Rolls Out Enhancements for VMware-Powered SD-WAN

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

7 Channel People Making Waves This Week at Datto, New Relic, Kyndryl, More

July 1, 2022

Cybersecurity Experts: July 4th Weekend Ripe for Ransomware, Other Attacks

July 1, 2022

Images: HPE Discover 2022 Expo Hall Featuring Microsoft, Ingram Micro, VMware

July 1, 2022

Industry Perspectives

View all

How to Make Embracing Change Part of Your Company Culture

July 1, 2022

How to Differentiate to Leverage 5G’s Revenue Opportunity

June 28, 2022

Why MSPs are Attractive Cyberattack Targets

June 24, 2022

Webinars

View all

VEP Platform for Delivery of uCPE, SD-WAN and SASE

June 29, 2022

The Digital Worker: How to Empower Customers with a Flexible, Scalable VDI Solution to Enable Remote Work

June 30, 2022

Growing Partner Revenue and Customer Satisfaction with Power Management Services

June 23, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

IBM, Partners and the $1 Trillion Hybrid Cloud Opportunity

June 26, 2022

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

May 6, 2022

Twitter

ChannelFutures

Channel people making waves this week include: @jpdepa3rd, @RiyaShanmugam, @sandyhogan dlvr.it/STCM6S https://t.co/oVB86ztTtP

July 1, 2022
ChannelFutures

#Cybersecurity experts say July 4th weekend ripe for #ransomware, other attacks. @blumirasec @Netenrich @Vectra_AI… twitter.com/i/web/status/1…

July 1, 2022
ChannelFutures

New @PureStorage #ITchannel leader details jump from Veritas. dlvr.it/STBsLB https://t.co/BFSmZ5ubff

July 1, 2022
ChannelFutures

New Pure Storage EMEA Channel Leader Details Jump from Veritas dlvr.it/STBrPQ https://t.co/LjFXo6FbVF

July 1, 2022
ChannelFutures

.@qumulo latest channel business to confirm layoffs impacting 80 workers. #storage dlvr.it/STBh1L https://t.co/hE10wBA3ka

July 1, 2022
ChannelFutures

Ranking on the #MSP501 isn't just an industry accolade... it brings pride to each company and their team. Congratu… twitter.com/i/web/status/1…

July 1, 2022
ChannelFutures

Company culture is ever changing in today's society - here are ways to embrace that change with @coxbusiness… twitter.com/i/web/status/1…

July 1, 2022
ChannelFutures

#HPEDiscover expo hall images. Featuring @IngramMicroInc @msPartner @Veeam @Commvault and more.… twitter.com/i/web/status/1…

July 1, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X