ShieldX Elastic Security Platform Extends Visibility into Encrypted Traffic; Aiding in the Fight Against Covert Malicious AttacksFebruary 25, 2019
ShieldX, the leader in elastic security, today announced Transport Layer Security (TLS) 1.3 support for the company’s Elastic Cloud Security platform. With this update, ShieldX provides customers with contextual threat intelligence including real-time analysis correlation for encrypted traffic, compliance with cryptographic protocols and an intent-based security posture that capitalizes on existing security investments. Customers can now easily inspect encrypted data pervasively in virtual datacenters and the cloud with a single pane of glass.
By leveraging encryption, cybercriminals can easily sneak malware onto multi-cloud environments, while making it more difficult for firewalls and traditional defenses to detect exploits and identity abuses. In addition, Gartner states that “through 2019, more than 80% of enterprises’ web traffic will be encrypted.”1 As such, visibility into encrypted traffic to detect malware, covert channels, and data exfiltration is vital to protecting sensitive data in the cloud.
“One of the issues with traditional vendors is the inability to easily upgrade their monolithic solutions either in physical or virtual form factor. A security system made up of microservices provides a superior experience to customers,” said Manuel Nedbal, co-founder, CTO and SVP of ShieldX. “This upgrade with ShieldX is run by bringing a new microservice with TLS 1.3 and only when the system indicates it can handle new connections will the old ones be de-provisioned. This seamless approach that follows the rolling upgrades model is designed to minimize impact on running systems and business.”
“Beyond using TLS 1.3 for encrypting traffic, many security vendors are either not able to inspect TLS 1.3 tunnels or are degrading a TLS 1.3 tunnel to a weaker standard. For these other providers, the hard part is becoming a transparent proxy that terminates a TLS 1.3 encrypted tunnel, inspects it for threats and then establishes the same TLS 1.3 tunnel to the original destination. ShieldX can address this issue for both inbound and outbound connections,” Nedbal continued.
ShieldX is offering TLS inspection as a microservice that can scale more easily than existing solutions. With this new capability, customers can adopt Internet Engineering Task Force’s (IETF) newly approved TLS 1.3 standards for securing encrypted data while moving away from purpose-built passive monitoring of connections using SSL appliances to more efficient, consolidated, inline active decryption using the ShieldX Elastic Security platform.
“As more criminals turn to encryption, it’s become difficult for security teams to rely on traditional solutions that are ineffective against these attacks and often cause latency issues and disruptions in the cloud,” said Dr. Ratinder Ahuja, ShieldX co-founder and CEO. “By adding TLS 1.3 Support to ShieldX’s Elastic Security Platform, we are not only making it easier for security professionals to discover covert attacks, we’re easing the operational burden by giving teams the ability to consolidate several network solutions into a singular cloud-based alternative.”
ShieldX is able to add TLS 1.3 support its architecture to help consolidate and simplify managing the encryption/decryption of network traffic. As result, customers will be able to consolidate security solutions and apps with the added ability to scale for encrypted traffic analysis. With these capabilities, customers:
- Gain added throughput leading to improved performance
- Improve confidentiality and privacy with the ability to better locate and protect encrypted traffic
- Secure data in transit for transactions on the network and removes absolute and insecure features
- Adapt new stateless architectures with state of art encryption that reduces CAPEX