TECH TALK
Internet traffic is encrypted according to the
Google Transparency Report/Dark Reading.
What are some of the most complex
network security challenges that
enterprises and large organisations
are encountering?
I would say building a skilled security team
that is capable of identifying priorities and
executing on a plan is key. This begins with
assessing the assets (data and infrastructure)
up to correlating between different security
reports and analyses. This helps to establish
a vision, but before that, the CISO has
to ensure that vision is comprehensive
and that an assessment is built based on
accurate reports and measured analysis.
Without proper traffic visibility, this will be an
unachievable mission.
How crucial is network visibility in
preventing attacks and how difficult
is this to achieve?
None of the above will be achieved without
traffic visibility (ingress and egress). Visibility
at each and every level is mandatory in order
to activate the security devices. Visibility is
not a nice-to-have, it is critical. And I always
advise our partners to consider it as a top
priority. Otherwise, reporting and analysis
will be meaningless.
Also, it is very important to realise
that visibility does not mean violating
confidentiality – ensuring compliance with
privacy standards should not conflict with
visibility and this is achievable.
How does A10 Networks’ Thunder
SSLi product help to eliminate the
blind spot?
Blind spot is a term that describes
the situation when security devices cannot
inspect the actual data or application layer
due to encryption. Once the client/server
exchanges the TLS certificate and key
during the TCP handshake, the traffic will
be encrypted, thus there will be no way to
intercept the traffic and inspect it.
Cyberattackers are aware of this fact, so it
is easy to hide malicious activities in an
application layer to pass it through security
defences towards the targeted services or
machines. The end service will then decrypt
the traffic without prior inspection. This is a
risky scenario, isn’t it?
The A10 Networks Thunder SSLi solution
helps to eliminate blind spots by intercepting
the client/server TLS negotiation as full proxy
and maintaining two separate sessions, one
session with the client’s side and the other
one with the server’s side.
In between, A10 Thunder SSLi will feed
the security devices intelligently with clear
text traffic. After the security device
finishes the inspection and forwards the
traffic, A10 Thunder SSLi will encrypt the
traffic again before forwarding it to the
original destination.
How does the product help to make
the lives of CISOs easier?
Deploying our SSLi solution and forwarding
the traffic to many inline and non-inline
security devices eliminates the decryption
overhead of each security device. This
improves performance while maintaining
proper security diligence, enhancing the user’s
experience and saving costs by eliminating
the need to purchase bigger security devices
just to support resource-intensive decryption
and encryption functions. This will help
CISOs achieve the next level of securing the
infrastructure by fine-tuning the security
policies and configurations on security devices
based on the visibility obtained and the
control gained by eliminating the blind spot.
Hesham Elsherif, Principal System Engineer
at A10 Networks
www.intelligentcio.com