For a company interested in security issues, the danger of "potential" hidden within SSL-encrypted is impossible to ignore. If SSL is used not for any particular purpose, the problem can be solved simply by avoiding or preventing the use of SSL.  However, the reality is different. SSL is used to provide security measures are needed in a variety of applications.

 

A more secure way to help ensure the security of this application does not detect the risk of attack or data loss associated signature is to prevent and monitor the site when operations; the easiest way to do this is encrypted network traffic.

 

If network coding is used only for a small traffic network, is the fact that these attacks can be hidden inside the encrypted traffic is not a worrisome problem. However, Secure Sockets Layer (SSL) - encryption protocol information - used wide in order to protect network traffic and SSL traffic numbers have increased significantly in recent years.

HTTPS is simply running on the SSL protocol, the basic interface for most Web 2.0 and cloud applications and also the default interface for chho applications are widely used as Gmail, Yahoo mail and Google.

An enterprise network can be found today is approximately 20 to 80% on the network traffic is encrypted SSL, and this number is increasing with time.

 

All SSL traffic is encrypted and, unfortunately a similar tool is used to encrypt traffic to prevent attacks is key to the attacks. Because SSL helps secure data transmission and encryption, the attacker can also use this technology effectively to hide their malicious code attacks.

 

Security architecture is the use of today's businesses to protect data without the ability to detect content within the encrypted data.

For instance, with most businesses, more than 50% of traffic to and outbound from the network must go through security architecture. The attacks on web server businesses will not be blocked by the Intrusion Prevention System (IPS) - a solution to the illegal intrusion, malware from the Internet sites using HTTPS protocol will be harmed desktops of enterprise and outgoing mail on the webmail through HTTPS risk of leaking vital information, despite the presence of the system against data loss Data Loss Prevention (DLP).

For an enterprise security concerns, focusing on the risk caused by malicious code or virus hiding in SSL traffic is encrypted it can not be ignored.

 

If SSL is used not for any particular purpose, the problem can be solved simply by avoiding or preventing the use of SSL. However, the reality is different. SSL is used to provide security measures are needed in a variety of applications.

For example, lets use SSL webmail not mean that the business email that can spread over the public network and the attacker can access easily. In addition, use of Google applications, without SSL support will "expose" your important data to anyone who can access them when they use the Internet.

 

With the rise of online shopping, e-commerce traffic without the "protection" of SSL seems unlikely to succeed because most people know that a trusted site when the browser they display the lock icon, indicating that SSL is being used.

Difficult problem is how can both use encrypted traffic but you can still prevent them from making the application useless security. There are several methods to solve this problem. Each solution offers a different way to turn the encrypted contents of a network can "shake hands" with other security applications, but has retained the point to point encryption between client and server, to ensure the best security. The methods differ in their impact to the operational capability of the application, the complexity of network configuration and requirements of the custom client.

Continue: Click here