SSL-encrypted traffic is used to protect your personal information in the past, purchasing products using the Web or in the financial sector. Now, not only major websites such as google or yahoo, all businesses that are vulnerable to security such as webmail, SNS accounts and financial services are using SSL encryption. Large and small information leaks, and other news headlines, government agencies and businesses are now using SSL communications, with nearly 70% of the total traffic coming from the site.
However, it is true that SSL encryption alone makes it difficult to respond to evolving web attacks. Attacks on websites that already use SSL communication have been successful, and their own vulnerabilities are well known. To better explain the dangers of SSL traffic, it is becoming increasingly difficult to trust and use SSL encryption, which functions to protect data from being viewed over the Internet. Existing network equipment does not check the encryption traffic, so even if the data contains bad traffic, it is difficult to check the contents. Nevertheless, we are increasing SSL usage due to the security of encrypted communication that SSL basically guarantees.
SSL visibility solutions have been developed to address the security concerns of these cryptographic communications. The existing security solution is not able to encrypt / decrypt SSL traffic, but the original security function is significantly lowered when the encryption / decryption function is performed. SSL traffic visibility solutions is not a security device. It decrypts the encrypted traffic at high speed, allowing security devices to perform security roles and re-encrypting them to perform their original encryption traffic functions.
If so, will SSL security be fully implemented if SSL visibility solutions is deployed? It’s hard to say yes for certain. First, you need to make sure that there are no compatibility issues with your existing security equipment in order to implement SSL visibility equipment. The following can be problems with existing service delays or failures due to the rate of encryption / decryption and performance. Developed by MONITORAPP, Application Insight SSL Visibility Appliance (AISVA) solves this problem at the same time.
MONITORAPP AISVA, equipped with the highest level of proxy-based technology, performs SSL visibility function that responds to cryptographic traffic coming into the server without affecting the existing security infrastructure. AISVA, which supports all standard SSL based protocols such as HTTPS, POP3S, and SMTPS, is characterized by maximizing compatibility with existing security equipment through Transparent Proxy technology. Active and passive configuration to complete the security scheme, SSL traffic encryption / decryption through the use of SSL Termination function to prevent overload of the web server.
AISVA also known for its high performance. As the use of 2048Bits of high security certificate is replaced with the existing 1024Bits certificate, the performance of the device for decrypting SSL traffic became more important. The MONITORAPP AISVA supports maximum CPS processing performance and is decrypted when used with existing security equipment SSL traffic can be checked without delays in network throughput, thereby eliminating security blind spots in the enterprise!
AISVA can be installed / operated according to the purpose of existing security equipment by configuring Inline / Mirroring method.
AISVA has been recognized as the first and currently the only SSL traffic visibility device in the country market by its excellent compatibility and performance.
With the release of the AISVA product, MONITORAPP can help increase the security of the growing SSL traffic by providing increased management of SSL traffic. In the future, it will work with various security devices to provide a comprehensive policy for encrypted traffic!