 
2008 Best Deployment Scenario

Examining SSL-encrypted Communications - Netronome SSL Inspector™ SSL Proxy

 

WHAT IS THIS TECHNOLOGY?

SSL-encrypted traffic has grown to constitute a significant percentage of data transmitted to and from the enterprise or home user. At the same time, network-based threats, such as spam, spyware, viruses, phishing, identity theft, data theft and other forms of cyber crime have become commonplace. To combat these threats, network security appliances (Intrusion Detection and Prevention Systems and, increasingly, Network Access Control devices) have become standard issue in the enterprise data center. In most instances, though, these sophisticated security devices are blind to the payloads of SSL-encrypted communications, leaving a gaping hole in any enterprise security architecture.







Tomorrow's Technology Today - Large Enterprise Security Solution


WHAT DOES THIS TECHNOLOGY DO?

The Netronome SSL Inspector is the industry’s highest-performance transparent proxy for Secure Sockets Layer (SSL) network communications, providing applications with access to the plaintext in SSL-encrypted connections. Beyond industry-defining performance, the Netronome SSL Inspector is the first transparent SSL proxy that both increases network security and significantly minimizes deployment and operational costs by removing costly user and network configuration. The Netronome SSL Inspector was designed for security and network appliance manufacturers, enterprise IT organizations and system integrators to provide industry-leading performance at a fraction of the cost of other solutions. Without compromising any aspect of enterprise or government-regulated compliance, the Netronome SSL Inspector allows network appliances to be deployed with the highest levels of flow analysis while still maintaining multi-gigabit, line-rate network performance.

The Netronome SSL Inspector enables existing security and network applications to obtain access to the plaintext within SSL-secured flows, thereby extending the benefits of their applications to SSL-encrypted traffic. Unmodified applications running on the same platform as the Netronome SSL Inspector, or on adjacent appliances, can gain visibility into the content of SSL traffic. The plaintext of SSL flows can be fed to existing applications via a dedicated gigabit Ethernet link while non-SSL flows are mirrored to the security appliance, firewalled or cut-through, bypassing the security appliance altogether. This enables SSL visibility to be added to existing network security infrastructure with no integration effort. Netronome’s network processing and cryptography acceleration hardware are leveraged to forward non-SSL traffic at multi-Gbit/s rates.
               
The Netronome SSL Inspector is deployed as a fully transparent “bump-in-the-wire” proxy, eliminating the need for costly reconfiguration of network elements, clients and servers. Clients and servers no longer need to be configured to direct SSL traffic towards the proxy. The Netronome SSL Inspector just needs to be located in-line so that all network flows (including SSL flows) pass through it.
               
Since the Netronome SSL Inspector is an extension to the Netronome Flow Manager (NFM), which provides industry-leading flow analysis and deep packet inspection capabilities, applications can take advantage of the NFM to increase their network flow processing performance for a wide range of L2-L7 protocols after decryption. These include HTTP, FTP, SIP, IM, P-P, tunnels and more. Applications can access the plaintext version of SSL streams through Netronome’s zero copy API, Virtual Network Interface Cards (VNICs), or by redirecting SSL plaintext and non-SSL flows to external network and security appliances.
               
Netronome’s solutions enable the identification and elimination of risks, such as regulatory compliance violations, viruses/malware and intrusion attempts normally hidden within SSL. The privacy and integrity of SSL-encrypted communications are maintained by making the plaintext available only within a controlled environment while also exempting certain traffic from inspection based on user preference.

Conclusion: The highest-performance SSL proxy, providing visibility into the contents of SSL-encrypted flows at the highest speeds, largest number of flows and highest connection rate. The SSL Inspector is the first transparent SSL Proxy that increases security and significantly minimizes deployment and operation costs by removing costly user and network configuration.


Netronome Systems, Inc.
144 Emeryville Drive
Suite 230
Cranberry Twp., PA 16066
Tel: +1-724-778-3290