70% of the worldwide web-traffic is SSL-encrypted (https)
50% of all malware hides behind SSL-encryption
“SECUCLOUD SASE” ADVANTAGES
Easy certificate handling which automatically syncs in the hole “Secucloud SASE” Cloud Network around the world will assists you securing your global enterprise WAN and central Internet policy enforcement. Exclude sensitive traffic from getting decrypted. E.g. by excluding the content-category “Banking” or creating a custom whitelist of URLs which should never be decrypted, you will keep the company compliances.
FULL SSL SCAN
To be able to perform a complete SSL-Inspection the data traffic must be handed over to an inspection instance in which the information is decrypted. After analysis of the traffic, the data is encrypted again and passed on to the intended destination. All additional requests to be encrypted must be signed again by a new certification body.
For SSL-Interception the SSL Man-in-the-middle (MITM) approach is used.
- As before, the browser calls the URL of the HTTPS server but this time the connection is terminated by the HTTPS proxy.
- The HTTPS proxy then establishes a connection itself to the target server.
- The HTTPS server answers by sending its certificate to the proxy.
- Just like the browser, the HTTPS proxy requires a list of trustworthy CAs so it can verify that it is really communicating with the requested HTTPS server. Using this list, the certificate sent in (3) is checked.
- If the certificate is valid, the first encrypted connection is established between the HTTPS proxy and the HTTPS server.
- The original connection initiated between the browser and the HTTPS proxy in (1) isn’t answered until all the above steps are complete. The HTTPS proxy now sends a self-created certificate which indicates that the owner is the HTTPS server and is not signed by an official CA. Instead, the HTTPS proxy has its own CA which signs the certificate it created.
- This CA is, of course, not in the browser’s CA list, so the HTTPS page is only loaded after a security warning has appeared and asked for the user’s express permission to display it. To avoid that happening, the company’s IT administrator would need to copy the HTTPS proxy’s CA into the CA lists of all its browsers. However, this is easy to do in Windows environments with Windows Group Policy Management.
- Once all this has been done, the second encrypted connection between the browser and the HTTPS proxy is established. At this point, the data is sent by the HTTPS server to the HTTPS proxy, and as it is unencrypted it can be scanned there to check for Malware and content-filtering. If no unwanted traffic is present, the data is sent to the browser via the second HTTPS connection. This method ensures that the data cannot be read – neither in the local network nor on the internet – but can be checked within the firewall and any viruses present can be blocked.
In this way, the “Secucloud SASE” service with an SSL proxy increase the security of company networks, because they close the last loophole.
MACHINE LEARNING & SELF-IMPROVING
Secucloud links superior machine learning technology with the multi source input network to continuously improve the Global Cloud Intelligence and to rapidly classify domains, URLs, IPs and files with great coverage, accuracy and speed.
Another technique to ensure continuous tracking and unique accuracy is to determine via proprietary AI algorithms how deeply a given site should be scanned. For example, site dynamics and typical user interactions with a given site are factors in these algorithms. Secuclouds’ contextual analysis determines in which case to deeply scan sites, using different methods:
AI analyzing the site dynamics and user behavior
Exact URL classification at any given time due to continuous tracking
“We’re happy to be able to provide VinaPhone customers with effective protection – it’s well suited to the challenges and specific circumstances of our market as it’s delivered from the cloud[…]”
“As a finalist, Secucloud demonstrated unique innovation in its approach to protecting companies from the onslaught of malicious attacks and other threats. Their solution represents some of the most effective security technology on the market today.”
“With the Secucloud solution, we’ve found just the right technology to extend our service with a key component, […]”
“[…] it is one of the most promising European cybersecurity companies led by a seasoned management team with a strong track record in this space. […]”
“Secucloud has created a totally new Cyber-Security framework that can process virtually unlimited traffic with more than a hundred million subscribers, […]”
“[…] With Secucloud’s cloud-based security solution, our customers are protected from internet threats and do not need to worry about installing or constantly updating software. This convenience is exactly what our customers expect from us.”
“[…] It’s just not possible to protect each device individually – instead, efficient protection needs to be centralised and delivered from the cloud. We recognised this requirement some time ago and have developed the security service in partnership with Secucloud to protect our customers against increasing IoT-based threats.”
“We have a lot of respect for our customers’ sense of responsibility. Rather than limit that, we’re making the Secucloud service available to them as a high-performance tool that helps them use the internet more securely and with more awareness.”
“[…] the solution is doing exactly what it’s supposed to do: secure our users’ online experience quietly and effectively in the background without them having to limit their web surfing or even notice the shield in action.”
“We decided on secucloud in April 2015 from a shortlist of possible vendors. All secucloud’s security functions are located in the cloud, so there’s no longer any need for software installed locally on the devices. That means users are protected all the time – with no effort.”