Decrypt SSL and TLS 1.3 for Inspection and Protection

Big Changes to Consider


Not long ago, the Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), were used almost exclusively by government agencies and large financial institutions. Today TLS, now at version 1.3, is used by organizations of all kinds to protect data in transit to countless sites and applications.


86%: Almost 86% of all page loads over the web are now encrypted with HTTPS. (Source: F5 Labs Threat Intelligence)

THE RISE OF TLS 1.3

The adoption of SSL/TLS has been accelerated by regulatory standards such as PCI DSS, HIPAA, and the EU’s General Data Protection Regulation (GDPR), which require that data be encrypted in transit. Organizations have also been spurred to adopt TLS by Google’s search ranking policy, which favors sites served over HTTPS.

However, the rise of SSL/TLS isn’t all good news. Attackers increasingly hide malware delivery, command-and-control traffic, and data exfiltration inside encrypted sessions, which means that the encrypted channel itself has become a vector that blinds security tools that cannot see inside it. Regaining visibility into that encrypted traffic is one of the most important steps you can take to protect your apps, your data, and your business.


WHAT IS TLS 1.3?

When a web client (an Internet browser) connects to a secure website, the data is encrypted. But how does that happen? Which cipher is used, and how does the browser learn which one the web server will accept? This is determined by cipher suite negotiation: the client lists the cipher suites it supports in its ClientHello, and the server picks one and announces it in its ServerHello. In TLS 1.3 the list is short, because only AEAD suites with a fixed key-exchange method remain. See how it all works in this video.


THE TLS 1.3 HANDSHAKE

The handshake between client and server has changed dramatically in TLS 1.3. A full handshake now completes in one round trip instead of two, because the client sends its key share in the ClientHello, and everything after the ServerHello (including the server certificate) is already encrypted. The result is that encrypted application data can flow much sooner than in previous versions. In this video, we outline the TLS 1.3 handshake and its new features.

UPGRADING TO TLS 1.3

Encryption standards are constantly evolving, so it’s crucial to stay up to date with current best practices. The newest version of the TLS protocol, version 1.3, was approved by the Internet Engineering Task Force (IETF) and published as RFC 8446 in August 2018. There are several key changes in this protocol: static RSA and static Diffie-Hellman key exchange have been removed, so every handshake uses an ephemeral (EC)DHE exchange and provides Perfect Forward Secrecy (PFS); legacy ciphers, compression and renegotiation are gone; and a zero round-trip time (0-RTT) mode lets a resuming client send application data with its first flight. Note that 0-RTT data is protected only by the resumption key, so it can be replayed and should carry only idempotent requests. In this video, we outline many of the important features of this new protocol.
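The ClientHello parsing and cipher suite selection described in the preceding sections, as an added example that is not part of the original page or of any F5 product: it encodes a constructed ClientHello, parses the fields that are still sent in the clear under TLS 1.3 (SNI, offered suites, supported_versions, key_share groups), and lets a server-side policy pick a suite. The server preference order, the sample hostnames and the dummy random and key share bytes are assumptions made for this example. One point it makes explicit: a TLS 1.3 ClientHello still carries legacy_version 0x0303, so the real version signal is the supported_versions extension.

```python
import struct

# TLS 1.3 cipher suites (RFC 8446, Appendix B.4).
TLS13_SUITES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1302: "TLS_AES_256_GCM_SHA384",
    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
}
TLS13 = 0x0304
EXT_SERVER_NAME, EXT_SUPPORTED_VERSIONS, EXT_KEY_SHARE = 0x0000, 0x002B, 0x0033
# Server preference order: an assumption for this example, not a recommendation from the page.
SERVER_PREFERENCE = [0x1302, 0x1303, 0x1301]


def _u16(b, pos):
    return struct.unpack("!H", b[pos:pos + 2])[0]


def build_client_hello(suites, sni, versions, key_share_group, key_share):
    """Encode a ClientHello inside a TLS record (constructed input; random and key share are dummies)."""
    ext = b""
    name = sni.encode()
    sni_list = b"\x00" + struct.pack("!H", len(name)) + name            # name_type host_name(0)
    ext += struct.pack("!HH", EXT_SERVER_NAME, len(sni_list) + 2) + struct.pack("!H", len(sni_list)) + sni_list
    if versions:                                                        # absent on a pre-1.3 client
        vers = b"".join(struct.pack("!H", v) for v in versions)
        ext += struct.pack("!HH", EXT_SUPPORTED_VERSIONS, len(vers) + 1) + bytes([len(vers)]) + vers
    share = struct.pack("!HH", key_share_group, len(key_share)) + key_share
    ext += struct.pack("!HH", EXT_KEY_SHARE, len(share) + 2) + struct.pack("!H", len(share)) + share
    cs = b"".join(struct.pack("!H", s) for s in suites)
    body = struct.pack("!H", 0x0303) + b"\x11" * 32 + b"\x00"          # legacy_version, random, empty session_id
    body += struct.pack("!H", len(cs)) + cs + b"\x01\x00"               # cipher_suites, compression null only
    body += struct.pack("!H", len(ext)) + ext
    hs = b"\x01" + len(body).to_bytes(3, "big") + body                  # HandshakeType client_hello(1)
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs             # ContentType handshake(22)


def parse_client_hello(record):
    """Parse the ClientHello fields that a passive sensor can still read under TLS 1.3."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + _u16(record, 3)]
    if not body or body[0] != 0x01:
        raise ValueError("not a ClientHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    pos = 2 + 32                                  # skip legacy_version and random
    pos += 1 + hello[pos]                         # legacy_session_id
    n = _u16(hello, pos); pos += 2
    suites = [_u16(hello, i) for i in range(pos, pos + n, 2)]; pos += n
    pos += 1 + hello[pos]                         # legacy_compression_methods
    end = pos + 2 + _u16(hello, pos); pos += 2
    exts = {}
    while pos < end:
        etype, elen = struct.unpack("!HH", hello[pos:pos + 4]); pos += 4
        exts[etype] = hello[pos:pos + elen]; pos += elen
    out = {"legacy_version": _u16(hello, 0), "suites": suites, "versions": [], "sni": None, "groups": []}
    if EXT_SUPPORTED_VERSIONS in exts:            # the real version signal; legacy_version stays 0x0303
        v = exts[EXT_SUPPORTED_VERSIONS]
        out["versions"] = [_u16(v, i) for i in range(1, 1 + v[0], 2)]
    if EXT_SERVER_NAME in exts:                   # list_len(2) type(1) name_len(2) name
        s = exts[EXT_SERVER_NAME]
        out["sni"] = s[5:5 + _u16(s, 3)].decode()
    if EXT_KEY_SHARE in exts:                     # shares_len(2) then group(2) len(2) key_exchange
        k, p = exts[EXT_KEY_SHARE], 2
        while p < len(k):
            out["groups"].append(_u16(k, p)); p += 4 + _u16(k, p + 2)
    return out


def select_cipher_suite(offered, preference=SERVER_PREFERENCE):
    """Server choice: first suite in server preference that the client offered and that is a TLS 1.3 suite."""
    for s in preference:
        if s in offered and s in TLS13_SUITES:
            return TLS13_SUITES[s]
    return None


def negotiate(record):
    """What the server (or a passive sensor) learns from the ClientHello alone."""
    ch = parse_client_hello(record)
    tls13 = TLS13 in ch["versions"]
    return {"tls13": tls13, "sni": ch["sni"], "groups": ch["groups"],
            "suite": select_cipher_suite(ch["suites"]) if tls13 else None}


# Constructed sample: a modern client offering TLS 1.3 and 1.2, three AEAD suites, one x25519 (0x001D) share.
SAMPLE = build_client_hello([0x1301, 0x1303, 0x1302, 0xC02F], "www.example.com", [TLS13, 0x0303], 0x001D, b"\xAA" * 32)
# Constructed sample: a TLS 1.2-only client (no supported_versions extension at all).
LEGACY = build_client_hello([0xC02F, 0xC030], "legacy.example.com", [], 0x001D, b"\xAA" * 32)

if __name__ == "__main__":
    print(negotiate(SAMPLE))
    print(negotiate(LEGACY))
```

Feed `negotiate()` the first record of a captured TLS session and it reports whether the client asked for 1.3, which server name it wants, and which suite a server with the assumed preference order would pick; everything after the ServerHello is encrypted and out of reach for this kind of passive parsing.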

TLS ADOPTION IN THE ENTERPRISE

TLS 1.3 has been approved by the IETF and contains major improvements in the areas of security, performance, and privacy. The performance boost TLS 1.3 offers is a welcome upgrade, but the mandatory PFS brings an operational challenge that makes decryption and inspection harder.

Because every session key is derived from an ephemeral key exchange, holding the server’s private key no longer lets a passive device decrypt the traffic, as it could with RSA key exchange in earlier versions. Inspection now requires an inline proxy that terminates TLS and re-encrypts toward the server, or key export from the endpoints, which makes it tougher to spot malicious traffic and defend against attacks hidden in that encrypted traffic. To learn more about organizations’ strategies, policies and approaches to TLS 1.3 deployments, read the TLS 1.3 Adoption in the Enterprise report.
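Why PFS rules out passive decryption, and why 0-RTT data (from the upgrade section above) is weaker, as an added example that is not part of the original page or of any F5 product: the TLS 1.3 key schedule (RFC 8446 section 7.1) implemented on top of HKDF (RFC 5869) with the standard library. The only secret inputs are the optional PSK and the (EC)DHE shared secret; the server’s certificate key never enters the computation, so capturing traffic and obtaining that key later yields nothing, whereas the 0-RTT traffic secret depends on the PSK and ClientHello alone. The shared secrets, PSK and transcript bytes are constructed placeholders; in a real handshake they come from the key_share exchange and the concatenated handshake messages.

```python
import hashlib
import hmac
from typing import Optional

HASH = hashlib.sha256                 # hash of the negotiated suite, e.g. TLS_AES_128_GCM_SHA256
HLEN = HASH().digest_size             # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC-Hash(PRK, T(i-1) || info || i), concatenated and truncated."""
    out, block, i = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([i]), HASH).digest()
        out += block
        i += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label (RFC 8446 section 7.1): info is the HkdfLabel struct with a "tls13 " prefix."""
    full_label = b"tls13 " + label
    info = (length.to_bytes(2, "big") + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)


def derive_secret(secret: bytes, label: bytes, transcript: bytes) -> bytes:
    """Derive-Secret(Secret, Label, Messages) = HKDF-Expand-Label(Secret, Label, Hash(Messages), Hash.length)."""
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HLEN)


def early_secret(psk: Optional[bytes]) -> bytes:
    """Early Secret = HKDF-Extract(salt=0, IKM=PSK or zeros). Without a PSK this is a public constant."""
    return hkdf_extract(b"\x00" * HLEN, psk if psk is not None else b"\x00" * HLEN)


def zero_rtt_secret(psk: bytes, transcript_client_hello: bytes) -> bytes:
    """client_early_traffic_secret: protects 0-RTT data and depends on the PSK and ClientHello only,
    so anyone holding the PSK can read it and a captured ClientHello flight can be replayed."""
    return derive_secret(early_secret(psk), b"c e traffic", transcript_client_hello)


def handshake_traffic_keys(dhe_shared_secret: bytes, transcript_ch_sh: bytes,
                           psk: Optional[bytes] = None) -> dict:
    """Key schedule from the (EC)DHE shared secret to the handshake traffic keys (AES-128-GCM sizes).
    Note what is not an input: the server's certificate private key. It only signs the transcript,
    so obtaining it after the fact does not let a passive observer recompute these keys."""
    derived = derive_secret(early_secret(psk), b"derived", b"")
    handshake_secret = hkdf_extract(derived, dhe_shared_secret)
    keys = {}
    for side, label in (("client", b"c hs traffic"), ("server", b"s hs traffic")):
        traffic = derive_secret(handshake_secret, label, transcript_ch_sh)
        keys[side + "_key"] = hkdf_expand_label(traffic, b"key", b"", 16)
        keys[side + "_iv"] = hkdf_expand_label(traffic, b"iv", b"", 12)
    return keys


# Constructed inputs (placeholders, not real handshake output).
SHARED_A = b"\x8e" * 32          # session 1: ephemeral (EC)DHE shared secret
SHARED_B = b"\x2f" * 32          # session 2 to the same server: fresh ephemeral keys, new secret
TRANSCRIPT = b"ClientHello||ServerHello (constructed placeholder)"

if __name__ == "__main__":
    k1 = handshake_traffic_keys(SHARED_A, TRANSCRIPT)
    k2 = handshake_traffic_keys(SHARED_B, TRANSCRIPT)
    print("same server, same transcript, different ephemeral secret -> different keys:",
          k1["client_key"] != k2["client_key"])
```

The practical consequence is the one the report discusses: to read TLS 1.3 traffic, an inspection device must either be an endpoint of the exchange (an inline proxy that performs its own handshake with each side) or receive the derived secrets from an endpoint; nothing it captures on the wire, and no long-term key it is later given, reproduces `handshake_traffic_keys()`.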

75%: of IT practitioners said their top concern about encryption was their ability to monitor application security.