Five Steps to Implementing an SSL Encrypted Traffic Management Strategy
In today’s highly diversified threat landscape, the fact is that there will always be some type of malicious behavior trying to take advantage of vulnerabilities within an organization or a user’s work environment. Encrypted communications helps minimize the risk and mitigate some of these threats, but it’s not simply about adding a feature on a website or application – enterprises now need complete visibility into the encrypted SSL-based traffic running on their network.
An encrypted traffic management (ETM) strategy that balances privacy and compliance requirements with security demands is essential. Because employee privacy policies and compliance regulations vary geographically, per organization and per industry, businesses need flexible, customizable and targeted decryption capabilities to meet their unique business needs. Policy-based solutions should decrypt only targeted traffic, enabling organizations to protect the privacy of employee personal information while inspecting suspicious content and enforcing security policies.
So how do you begin to refine and implement an ETM strategy? Here are five steps to get started:
1. Network and Application Assessment – Assess your environment and take inventory of what applications and services are running in your organization’s network and recognize which are using SSL/TLS.
2. Establish Policies – Establish policies based on your corporate rules, combined with any compliance regulations specific to your industry, identify where privacy is essential for your inbound and outbound applications and then establish the appropriate “allow” or “deny” policies.
3. Assess Your Current Network Security Infrastructure for SSL Visibility – Assess your existing network security infrastructure and clarify if it can sufficiently recognize, inspect and process all applications and traffic, including those that are encrypted.
4. Understand & Resolve the Performance Ramifications of SSL Inspection – Study the impact on performance and productivity when SSL encryption is introduced. The resulting performance and function degradation can be significant once enabled in most next-gen firewalls (NGFW) or intrusion detection and prevention systems (IDS/IPS).
5. Plan, Implement and Monitor – Based on the above, execute your plan and continuously monitor your environment for improvement.
Encrypted traffic is pervasive in today’s enterprises and market research indicates continued rapid growth over the next several years. IT network operators are looking for new solutions that satisfy the need for information security for the enterprise and for individual users, as well as requirements for corporate compliance, acceptable-use policies and government regulations for security and privacy. An ideal solution should not require re-architecting the security infrastructure, nor impact network performance.
Historically it has been difficult, if not impossible, to satisfy these competing requirements for comprehensive security, high performance and effective, policy-based control. Blue Coat offers a choice of encrypted traffic management solutions that meet these requirements, and give any organization complete visibility and control of SSL communications and potential threats while ensuring the privacy of customer and employee information.
# # #