Fidelis Security Systems, a specialist in network visibility, analysis and control solutions, announced a cloud-security solution designed to provide visibility and control to decrease risks associated with using software as a service (SaaS). The solution is deployed at the enterprise network edge where traffic between the enterprise and SaaS provider can be monitored.
With Fidelis Cloud Security Solution that combines SSL Inspector and XPS Direct sensor, enterprises can help ensure that only authorized services and service providers are being used, only authorized information is being transferred to or through these providers and that users arent downloading malicious content that might be the basis for an attack on the enterprise network itself. Enterprises can also ensure that their users arent the victims of a man-in-the-middle attack when connecting to their SaaS providers.
Its easy for people within an organization to adopt SaaS applications on their own initiative without consulting security personnel, said Hardik Modi, senior product manager at Fidelis Security Systems. Applications with roots in the consumer market end up being adopted for business purposes, and organizations dont have control over the kind of information hosted there. Many SaaS providers have suffered public security breaches that expose them and their customers to the loss of sensitive business information. We are addressing this concern with our new Fidelis XPS Cloud Security Solution.
Fidelis XPS is a network-security-monitoring solution capable of seeing, studying and stopping threats in real time, providing organizations with the network visibility, analysis and control necessary to manage advanced threats, analyze forensics data more intelligently and prevent data breaches. SSL Inspector allows organizations to identify threats hidden within SSL-encrypted (Secure Sockets Layer-encrypted) communications, with no impact to existing network configurations and performance, and provides organizations with security, content inspection and threat detection created by the SSL.
Security and a perceived loss of data control continue to slow cloud adoption across multiple industries that could benefit greatly from the freeing of IT resources and capital, said Wendy Nather, research director of enterprise security practice at 451 Research. Many organizations are fearful that putting data out into the cloud with little-to-zero visibility will either compromise data integrity or potentially open a portal into their network creating a security risk. Tools such as Fidelis Cloud Solution should help to alleviate some of these concerns and expedite cloud adoption in some areas.
The company recently announced the SSL Decoder within Fidelis XPS, which provides the ability to assess the authenticity of an SSL certificate. Fidelis also introduced the SSL Inspector 10G, which enables the XPS Deep Session Inspection architecture to detect threats in SSL-encrypted content on 10G Ethernet networks. The combination of these rules and implementing this action at the network edge is designed to provide a measure of ease of use for large enterprises that would otherwise have to rely on application vendors retroactively providing patches following publicized breaches at SSL Certificate Authorities and users applying these patches correctly.