Page 93 - Cyber Defense Magazine for August 2020
P. 93

Key features of a good TLS/ SSL Decryption Solution

            It is important that a dedicated, centralized decryption solution provides full visibility to the enterprise
            security infrastructure for TLS/SSL traffic. Not only that, but the solution also needs to provide a multi-
            layered security approach, which then makes it the perfect candidate to be deployed at the centre of a
            Zero Trust network.


            Below are some of the features to look out for when looking to implement a TLS/ SSL Decryption Solution:
               •  Full Traffic Visibility – It needs to enable the entire security infrastructure to inspect all traffic in
                   clear-text, at fast speeds, ensuring that no encrypted attacks or data breaches can slip through
               •  Ease of Integration – It should be vendor agnostic and easily integrate with security devices
                   already deployed within the network. This drives down additional costs and upgrades.
               •  Multi-Layered  Security  Services  –  These  are  additional  security  services,  including  URL
                   filtering, application  visibility  and  control,  threat  intelligence and threat  investigation,  that  help
                   strengthen the security efficacy of the entire enterprise network
               •  User Access Control – The product should be able to enforce authentication and authorization
                   policies  to  restrict  unneeded  access,  log  access  information  and  provide  the  ability  to  apply
                   different security policies based on user and group IDs.
               •  Micro  Segmentation  –  It  should  facilitate  micro-segmentation  through  its  ability  to  provide
                   granular traffic control, user and group ID-based traffic control, and support for multi-tenancy
               •  Securing  Cloud  Access  –  SaaS  security  is  an  important  feature  which  can  be  provided  by
                   enforcing tenant access control and visibility into user activities.

            In conclusion, without a centralized and dedicated TLS/SSL decryption solution, the Zero Trust model is
            unable to do what it was designed to do – protect our networks, users and data from threats residing
            inside and outside the network.





            About the Author

            Adil Baghir is Technology Consultant Lead for Middle East &
            Africa  at  A10  Networks.  He  is  a  security  and  networking
            specialist  having  worked  for  tech  powerhouses  like  STC,
            Mobily and Applied Technologies Company.

            Adil  can  be  reached  online  at  ([email protected])
            and at our company website https://www.a10networks.com/













            Cyber Defense eMagazine – August 2020 Edition                                                                                                                                                                                                                        93
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   88   89   90   91   92   93   94   95   96   97   98