Share this article on:
Malicious actors are increasingly using SSL traffic to hide malware according to security researchers at Blue Coat Systems. The use of SSL/TLS encrypted sites is growing due to concern about the privacy of website visitors. While SSL/TLS offers increased security, it also gives malicious actors the opportunity to hide malware, command and control center communications, and data exfiltration.
The threat is rising at an alarming rate. Blue Coat researchers identified 58 times as many SSL-cloaked C&C channels and 200-fold rise in C&C servers using SSL in 2015.
While organizations have implemented URL filtering and secure web gateways to protect their networks from malware, many solutions do not have visibility into encrypted traffic. Many organizations find that security appliances that can decrypt and re-encrypt SSL traffic are not without their issues. The capacity of some appliances and filtering solutions reduces by as much as 80% when configured to inspect SSL traffic, meaning SSL inspection must be turned off or capacity needs to be expanded.
Blue Coat’s solution is a much more powerful SSL Visibility Appliance (SV3800B-20). This next generation Encrypted Traffic Management (ETM) appliance has almost double the throughput of the original SSL Visibility Appliance. Capacity has been increased from 4Gbps to 9Gbps.
SSL/TLS is encrypted once, data is fed to multiple security tools, and following inspection is re-encrypted. The solution only decrypts targeted traffic to ensure the privacy of end users is protected, while potential threats are assessed, and suspicious and malicious traffic is blocked. Blue Coat says its solution adheres to HR, legal, financial, and security compliance standards.
Blue Coat has also published a host of new educational resources explaining the need for SSL inspection, a cost calculator to help organizations budget for SSL inspection, and infographics and documentation explaining how to get started with inspecting SSL traffic.
“By providing dedicated SSL visibility, Blue Coat is helping customers combat security threats hidden in encrypted traffic while preserving the enterprise customers’ priorities like network performance, user privacy and regulatory compliance that organizations today require,” said Michael Fey, president and COO, Blue Coat Systems, Inc.