Wipe out attacks inside the encrypted data-P2

Monday, 4 October 2010 by nkoknki | 0 comments

Full authorization
One method is to utilize the equipment is fully authorized to help end completely and then restart the structure of an application. This method requires only the application is supported authorization are allowed to use SSL. Even when the authorized device fully supports endpoint and SSL and restart the application layer, then it will have access to unencrypted content.

While content is not encrypted, the device is fully authorized to conduct security checks for data or it can send a copy of the unencrypted data to a security application to perform application testing.

Authorized devices also generally require that the client must be configured to know the device and can connect directly using the flow of applications related to the device. However, this requires a permanent manager. This also means that a client can be configured not take advantage of the device.

SSL Proxy rõ ràng SSL Proxy clear

An alternative solution is to use a transparent SSL proxies in connection with the current security applications have been deployed in the network. SSL Proxy not a clear need to understand or be able to handle the application layer protocol and the proxy is optimized to limit and reorganized SSL protocol layers.

In addition, this Proxy is deployed at a point in the network, where all the traffic of applications or used will be displayed. It will help detect all SSL traffic, carefully check the packet, and is capable of decoding and re-encrypted traffic access to the encrypted traffic. The flow will then be packed into a TCP stream "generated" and are sent to one or more security applications available on the network.

Once these security applications may receive the encrypted traffic, they will perform their work and detect whether any threats or vulnerabilities does not leak data. If security is an application filter, such as the IPS, it will remove the malicious traffic, and SSL Proxy will detect and eliminate back flow lines corresponding SSL.

If IDS is a security application or a device Network Forensics, the application will generate reports on the risks that have been detected in the flow is not encrypted.

Because the flow is not necessarily clear to send Proxy, the Proxy does not require client configuration. Additionally, because we did not finish and re-arrange the application layer protocol, so we do not need to delay time and can operate at high speeds.

Because Proxy does not require the use of security applications in an enterprise network, they do not cause difficulties in operation and they do not require changes in network configuration or client.

Because of data traffic is encrypted continue to rise, businesses must find ways to make sure the security application is installed not been turned into useless by SSL traffic. The Proxy is clearly the best solution in the face of threats from malicious code hidden within SSL traffic.

According Technewsworld

OS tips

Connecting IT

Wipe out attacks inside the encrypted data-P2

0 comments:

Post a Comment

Learning English

Followers

Visitors