Fidelis Introduces SSL Traffic Security Platform
Fidelis Security Systems, a specialist in network visibility, analysis, and control solutions, announced the SSL Decoder within Fidelis XPS, which provides the ability to assess the authenticity of a Secure Socket Layer certificate. Fidelis also introduced the SSL Inspector 10G, which enables the XPS Deep Session Inspection architecture to detect threats in SSL-encrypted content on 10G Ethernet networks. The XPS SSL Decoder and SSL Inspector 10G appliance will be available this quarter.
By leveraging the rules engine that is at the core of XPS, Fidelis is adding the ability to put rules in place to evaluate certificates and to take action, such as preventing a session, if the certificates characteristics are suspect. The combination of these rules and implementing this action at the network edge is designed to provide a measure of ease of use for large enterprises that would otherwise have to rely on application vendors retroactively providing patches following publicized breaches at SSL Certificate Authorities and users applying these patches correctly.
"With the recent widely-publicized breaches of Certificate
Authorities, enterprises are in desperate need of a way to verify the
authenticity of SSL certificates," said Gene Savchuk, CTO at Fidelis.
"While SSL pinning - white-listing a certificate authority public key
in a browser for a specific domain or set of domains - is emerging as a
potential solution, it will quickly prove inadequate for enterprises
due to the dynamic nature of certificates and a need for a solution
that scales. The Fidelis XPS SSL Decoder mimics this concept, but at
the network edge rather than at client end-points, and offers more
centralized management which is conducive to certificate changes and
Fidelis introduced the SSL Inspector in late 2010 to remove the
blind spots in content inspection and threat detection created by
SSL-encrypted traffic. "SSL-encrypted traffic makes up an ever
increasing share of the traffic seen on an enterprise network with the
proliferation and cloud computing and social networking," said Andrew
Hay, senior security analyst at IT research firm 451 Research. "Though
the security and confidentiality capabilities provided by SSL are
widely known, SSL can also be used to conceal malicious activity such
as botnet command-and-control or data exfiltration. If companies are
not leveraging network monitoring tools capable of inspecting encrypted
traffic, they're likely missing an important threat vector."
In response to increasing demand to inspect traffic at speeds above
one gigabit, Fidelis is introducing the SSL Inspector 10G. The system
is in a smaller form factor (1U), offers interface flexibility from 1
gigabit copper or fiber to 10 gigabit fiber, is designed to inspect
multiple inline segments and can distribute traffic to multiple devices
in the enterprise security stack.