SSL SCAN DECISION
Also protects in encrypted connections
Years ago, SSL certificates were mainly used for banking and other secure transactions. Today, they have established themselves in virtually every area of the Internet. Through encryption, SSL certificates are often used to guarantee secure use of corporate applications, webmail services, social media sites and important search engines. Branch analysts project an increase in SSL traffic volume in coming years from roughly five exabytes (i.e. five billion gigabytes) of data per year to almost 15 exabytes.
This will make the inspection of SSL traffic increasingly important, to ensure an adequate level of security. After all, hackers are also increasingly making use of SSL – to hide device infections, conceal the loss of data, or to mask command-and-control communication for their botnets. Ignoring this problem is risky.
That is why Secucloud SSL Scan Decision gives each customer the opportunity to choose how they would like to handle SSL inspection. This decision can apply for individual domains, URLs, or specific categories. This way, it is up to the customer to decide (based on white or black lists), which Internet pages are to be fully decrypted (“full SSL scan”) and which are to be scanned by SAND SSL without decryption. This would allow secure connections, such as banking sites, to be excluded from decryption.
Secucloud’s advanced non-decrypting SSL scan technology is capable of analyzing SSL data traffic without decryption. This enables the system to extract meta-information from each web request – a process which leads to a detection rate of up to 99 percent.
Since it is no longer necessary to replace certificates, the work of the service is fully transparent. The user experience is completely unaffected. Users don’t have to replace certificates, nor do they notice any negative effects on performance, regardless of the device they are using.
- No man-in-the-middle and no replacement of certificates necessary
- No decryption of SSL traffic
- Transparent – customers experience no restrictions
To be able to perform a complete SSL inspection the data traffic must be handed over to an inspection instance in which the information is decrypted. After analysis of the online traffic, the data is encrypted again and passed on to the intended destination. All additional requests to be encrypted must be signed again by a new certification body.