Most technology improvements come with a price. Secure sockets layer encryption is one – on the one hand it keeps data secure from prying eyes, but it may slow network traffic when security devices decrypt it for inspection.
A10 Networks, which makes the Thunder Application Delivery Controllers, said Tuesday it has a solution: It has partnered with Webroot Inc. to integrate that company’s BrightCloud Web Classification Service with its Thunder and AX ADC products.
Later this year users of those ADCs will be able to subscribe to BrightCloud to extend the controllers’ visibility into traffic and improve performance.
The ADCs’ SSL Intercept feature offloads CPU-intensive decryption and forwards the decrypted traffic to firewalls, threat prevention appliances or deep packet inspection devices, the company said. BrightCloud lets security administrators control which types of SSL or TLS traffic to decrypt and which types to forward without inspection – for example, banking or healthcare applications.
“Our customers use a wide array of security products to analyze and protect their users and their data,” Jason Matlof, A10 Networks vice-president of marketing, said in a statement. “Unfortunately, many of these security products cannot inspect SSL traffic, exposing organizations to attack and data exfiltration. By partnering with Webroot, we can provide visibility into SSL traffic without unnecessarily decrypting communications to highly sensitive websites and federally regulated data.”
“We are excited to partner with A10 Networks and integrate our market-leading web classification capabilities with A10 Networks’ innovative SSL inspection solution,” Scott Merkle, vice president of enterprise and OEM sales at Webroot, said in the statement. “Together, we can empower organizations to identify threats lurking in SSL traffic while maintaining compliance with regulatory requirements.”
Webroot says it scores and classifies over 460 million domains in more than 45 languages to correctly identify and categorize websites.
A10 ADCs have to be using its ACOS 4.0 operating system for the capability, which will be released in the second half. The company also said the update will include:
- Enhanced SSL Offload capabilities with Perfect Forward Secrecy (PFS) and ECDH (Elliptic Curve Diffie-Hellman) cryptography. Forward secrecy and strong new ciphers impede the decryption of data after the fact, and unique ephemeral keys are generated for each session and then discarded;
- ICSA certified Web Application Firewall enhancements that improve security accuracy and coverage, enabling organizations to reduce the risk of devastating web attacks and meet compliance requirements. New features include XML and JSON protection, open redirect attack mitigation, granular HTTP protocol compliance rules, and integration of WAF security policies with aFleX scripting policies;
- Broadened Application Access Management features that centralize user authentication using trusted identity management systems, including new support of industry standard SAML authentication with IdP interoperability.
A10 also announced that Symantec’s Certificate Intelligence Center now supports Thunder ADCs, providing customers with what it says is a consolidated and simplified method for managing critical security information such as location of certificates, key sizes, ciphers used and validity dates.
Thunder ADC customers can gain real-time visibility of all certificates on all A10 devices in the network, the company said. Other benefits include expiration alerts to avoid disruption, optimizing certificate usage, eliminating gaps in security coverage, and reducing operational costs.