BLOG

Peering Into and Protecting Against What You Can't See

Jay Kelley Miniatur
Jay Kelley
Published June 05, 2019

Today it seems like the whole world is encrypted. That can be a very good thing, as encryption keeps our personal information safe while we bank online, download medical tests from our doctor’s web portal, or post on social media. It’s reported that over 80% of global internet traffic is now encrypted. Encryption keeps prying eyes from viewing our personal data and info. 

But there is the good and bad side to everything. While encryption aids in keeping our information and data private, it also elevates the risk of attacks and data breaches. The Secure Sockets Layer (SSL) protocol and its successor, Transport Layer Security (TLS) have been widely adopted by organizations worldwide to secure IP communications; and their use continues to grow. While SSL/TLS provides data privacy and secure communications, it also creates challenges for an organization’s security solutions, especially when they’re trying to inspect what’s inside encrypted traffic. It’s now easier than ever for attackers to hide malicious payloads in encrypted traffic and launch attacks. Unfortunately, it’s simultaneously more difficult for IT teams to detect and protect organizations from those attacks.  What you can’t see can hurt you.

Decrypting and re-encrypting traffic are intensive tasks and take a great deal of computational horsepower to perform. When coupled with the huge volume of encrypted traffic, attempting to perform decryption of SSL/TLS encrypted traffic on security inspection devices via native decryption can tremendously degrade the performance of those devices.  Fortunately F5 and Cisco have a solution for this Catch-22 and can solve encrypted traffic challenges while delivering best of breed security protection with enterprise-class performance.

F5 SSL Orchestrator and Cisco Web Security Appliances (WSA) combine to deliver centralized visibility, orchestration, and control of web traffic. In short,  optimizing security from web-based threats against any device or application – no matter if they are on-premises or in the cloud.

Cisco Web Security Appliance (WSA) prevents advanced web security threats and delivers protection and consistent control across all endpoints and everywhere in between -- including mobile devices, web-enabled and mobile apps, and web browsers. The challenges of securing and controlling web traffic are addressed easily and quickly with Cisco WSA. The Web Security Appliance combines Advanced Malware Protection (AMP), Cognitive Threat Analytics (CTA), Application Visibility and Control (AVC), augmented with enhanced file reputation, continuous file analysis acceptable-use policies, insightful reporting, and highly secure mobility in a single easy-to-manage platform.

F5 SSL Orchestrator prevents the security blind spots created by encryption, empowering visibility into encrypted traffic and delivering centralized, high-performance decryption of inbound and outbound SSL/TLS traffic. SSL Orchestrator enables traffic inspection across multiple security tools to expose hidden threats and stop attacks. It dynamically chains security devices, independently monitoring and scaling them while intelligently managing decryption and steering traffic across the entire security stack via a contextual classification engine, reducing administrative costs while optimizing the efficacy of security resources.

Combining these solutions from F5 and Cisco enhances security for organizations against a key threat vector often leveraged by attackers to exploit vulnerabilities, establish command-and-control (CnC) channels, and steal personal or confidential data. F5 SSL Orchestrator and Cisco WSA seamlessly integrate, intelligently managing SSL/TLS while optimizing and even enhancing security capabilities.

The F5 / Cisco solution delivers peak performance and advanced protection against web exploits, working in concert to enable advanced web security with maximized efficiency and performance. Further, it optimizes security while maximizing efficiency; expeditiously secures against attacks leading to lost data, revenue, brand reputation, and other business impacts; and decreases security total cost of ownership (TCO) while increasing security return on investment (ROI).

Together, F5 and Cisco help you best gain visibility into and defend against threats hidden in encrypted traffic, letting you see – and stop – what can hurt you and your organization.

If you’re attending Cisco Live U.S. in San Diego, June 10-13, visit the F5 booth (#1323) to learn more about the joint F5 SSL Orchestrator/Cisco Web Security Appliance (WSA) solution.

You can also visit the F5/ Cisco partner web page or download The F5 SSL Orchestrator and Cisco WSA Recommended Practices Guide:  SSL Visibility with Service Chaining for Advanced Threat Protection.

To find out how F5/Cisco joint solutions can help your business, please contact Sales@f5.com or Partnering-csta@cisco.com.