SSL is a key component of Internet security and brings significant privacy and security to end users, but at the same time is creating a significant challenge for IT security departments and making enterprises more vulnerable to threats and data loss.
Solera Networks, a network forensics solutions provider, today announced that it has teamed up with Netronome, a provider of high performance SSL decryption solutions, to offer a combined solution that decrypts SSL traffic and sends all network traffic to Solera DS Appliances for complete capture, allowing administrators to instantly reconstruct any network security event.
Encrypted SSL sessions typically bypass most security protections offered by many firewalls, intrusion detection systems, and DLP systems, creating a blind spot in enterprise networks. According to a report released in May 2011 by Palo Alto Networks, more than 40% of the 1,042 applications that were identified on enterprise networks in the study, could use SSL or hop ports to increase their availability within corporate networks.
A representative of Solera Networks presented SecurityWeek with an interesting real-world scenario to compare how SSL network traffic can pose a significant risk to an organization: “It’s as if a guy speaking Albanian walks up to you and says he’s going to kill you, but you don’t understand Albanian, so you ignore him and his weapon; he still shoots you.” Essentially, if you don’t know what’s passing through your network due to traffic being encrypted via SSL, how do you know if malicious events are occurring?
“We’re seeing increased use of encryption to mask the true nature of malicious traffic,” said Steve Shillingford, President and CEO of Solera Networks. “To effectively respond to these scenarios, you must know how the attacker got in, what they saw, what they took, and what they left behind. Our partnership with Netronome now insures that even encrypted traffic is available for inspection during this effort.”
Solera DS Appliances classify, index, and store all data that passes through networks, currently at speeds up to 10Gbps. Once network traffic is captured, Solera’s Appliances can:
• Provide full visibility into any network activity or security event
• Help security professionals quickly discover attacks
• Deliver evidence of the depth and scope of an attack
• Speed up incident investigations and root cause analysis
• Deter acceptable use violations with full view and replay of user’s network activity
“One of the top questions we get from customers is how they can gain visibility into what is happening within their encrypted traffic,” said Mike Simon, President SNR Systems, a major supplier of secure telecommunications systems to the US Federal Government. “By combining the Netronome SSL Solution with Solera Networks DS Appliances, we give the customer confidence that they are truly seeing everything happening on the network and have the historical record that is critical to taking appropriate action.”
The Netronome SSL Inspector appliance can be deployed alongside existing security appliances in networks ranging from 100Mbps to 10Gbps. The SSL Inspector provides policy-driven access to the contents of encrypted communications, helping to increase the protection provided other security appliances.

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
More from Mike Lennon
- Watch Now: Threat Detection and Incident Response Virtual Summit
- Registration Now Open: 2023 ICS Cybersecurity Conference | Atlanta
- NetRise Adds $8 Million in Funding to Grow XIoT Security Platform
- Virtual Event Today: Zero Trust Strategies Summit
- Virtual Event Tomorrow: Zero Trust Strategies Summit
- Watch: How to Build Resilience Against Emerging Cyber Threats
- Video: How to Build Resilience Against Emerging Cyber Threats
- Webinar Today: Understanding Hidden Third-Party Identity Access Risks
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
