While encryption can keep your network traffic safe from hackers, it can also prevent your security and monitoring tools from seeing inside the packets crossing your network. Knowing that many organizations pass encrypted traffic into their networks without full inspection, the bad guys use encryption to hide malware and launch attacks – effectively hijacking your network. To keep defenses strong while limiting the risk of security breaches and data loss, you need to decrypt, examine, and re-encrypt all network traffic.
The burden of decryption
Devices for decryption must be powerful. Encryption keys are becoming longer and algorithms more complex to withstand hacking. A 2013 test by NSS Labs found that moving from 1024- to 2048-bit ciphers caused an average performance drop of 81% on eight leading firewalls. However, SSL decryption does not need to be done on the firewall: decryption can be offloaded so that plaintext is sent to the tools, enabling them to work efficiently and process more traffic. Here are four strategies to make decryption easier, faster, and more cost-effective.