SSL Inspector allows organizations to identify threats hidden within SSL-encrypted communications.
Fidelis Security Systems, a
specialist in network visibility, analysis and control solutions, announced a
cloud-security solution designed to provide visibility and control to decrease
risks associated with using software as a service (SaaS). The solution is
deployed at the enterprise network edge where traffic between the enterprise
and SaaS provider can be monitored.
With Fidelis Cloud Security
Solution that combines SSL Inspector and XPS Direct sensor, enterprises can
help ensure that only authorized services and service providers are being used,
only authorized information is being transferred to or through these providers
and that users arent downloading malicious content that might be the basis for
an attack on the enterprise network itself. Enterprises can also ensure that
their users arent the victims of a man-in-the-middle attack when connecting to
their SaaS providers.
Its easy for people within
an organization to adopt SaaS applications on their own initiative without
consulting security personnel, said Hardik Modi, senior product manager at
Fidelis Security Systems. Applications with roots in the consumer market end
up being adopted for business purposes, and organizations dont have control
over the kind of information hosted there. Many SaaS providers have suffered
public security breaches that expose them and their customers to the loss of
sensitive business information. We are addressing this concern with our new
Fidelis XPS Cloud Security Solution.
Fidelis XPS is a
network-security-monitoring solution capable of seeing, studying and stopping
threats in real time, providing organizations with the network visibility,
analysis and control necessary to manage advanced threats, analyze forensics
data more intelligently and prevent data breaches. SSL Inspector allows
organizations to identify threats hidden within SSL-encrypted (Secure Sockets
Layer-encrypted) communications, with no impact to existing network
configurations and performance, and provides organizations with security,
content inspection and threat detection created by the SSL.
Security and a perceived
loss of data control continue to slow cloud adoption across multiple industries
that could benefit greatly from the freeing of IT resources and capital, said
Wendy Nather, research director of enterprise security practice at 451
Research. Many organizations are fearful that putting data out into the cloud
with little-to-zero visibility will either compromise data integrity or
potentially open a portal into their network creating a security risk. Tools
such as Fidelis Cloud Solution should help to alleviate some of these concerns
and expedite cloud adoption in some areas.
The company recently
announced the SSL Decoder within Fidelis XPS, which provides the ability to
assess the authenticity of an SSL certificate. Fidelis also introduced the SSL
Inspector 10G, which enables the XPS Deep Session Inspection architecture to
detect threats in SSL-encrypted content on 10G Ethernet networks. The
combination of these rules and implementing this action at the network edge is
designed to provide a measure of ease of use for large enterprises that would
otherwise have to rely on application vendors retroactively providing patches
following publicized breaches at SSL Certificate Authorities and users applying
these patches correctly.