This week, Google released Chrome version 68, currently, by far the most popular web browser. Chrome will, from now on, treat all websites that are not encrypted, that is, HTTP websites, as unsafe and in this fashion continue to push the entire web towards HTTPS.
At first glance, the change is merely “cosmetic” – from now on all HTTP websites will be marked as “Not secure”. For the end user, these are good news because Google is speeding up the process of transition from (for attackers) easily readable and insecure HTTP to encrypted and more secure HTTPS.
According to Google’s research, 75% of websites visited in Chrome on Windows are now using HTTPS, while 81 of the top 100 websites now use HTTPS by default.
What does this mean for you, your organization, and your IT infrastructure?
If you don’t decrypt HTTPS, that is, SSL traffic:
- You don’t see malicious traffic to attackers’ servers and you can’t perform analysis or attack forensics – your ATP tool is blind;
- You have limited or no control over the websites that users can(not) access – your web gateway is inefficient;
- You don’t know if confidential information from your organization is passed on to unknown web services – your DLP tool is blind;
- In short: your existing security equipment loses its value.
How can you address these issues?
Symantec SSL Visibility Appliance is a hardware device designed for a specific purpose – decryption of SSL traffic. It enables centralized SSL traffic management and sending decrypted traffic to a number of related security devices – the idea of the solution is to decrypt once, feed many. “Consumers” of decrypted traffic may include Advanced Threat Protection and forensic devices, IDS/IPS tools, Next Generation Firewall devices and Data Loss Prevention products. Not to mention that Symantec’s own secure web gateway solution, ProxySG, can also be relieved of SSL decryption. That solves the need for repeated decryption of traffic on each of these devices.
All this enables: better visibility of previously hidden traffic, simpler configuration, less additional investments in security devices, selective decryption by content categories, and improved utilization of existing equipment.
For advice on integration into the existing environment, quotation and additional information on these products, feel free to contact us.