Next Generation Firewall Must-Have Features
Part 2: SSL Decryption
In today’s digital age, security has become tantamount to success in ensuring business continuity. That said, ensuring that the latest and greatest security measures are in place on a network’s perimeter security appliance is crucial in ensuring a healthy and vulnerability-free network. In this blog, the NG or “Next Generation” firewall will be showcased to underscore some of the top modern-day features that should be taken into consideration when purchasing or refreshing a new firewall. These features will reduce the probability of successful attack, consolidate feature-sets, and ensure an optimal network.
Deep-Packet SSL Inspection
It’s now estimated that over 70% of traffic is now SSL encrypted. From a security perspective, this means that every connection to an SSL enabled website is encrypted between the hand-shake of an endpoint (a computer) and the connecting server. This prevents any man-in-the-middle from inspecting the traffic and possibly compromising data in-between.
From an analytics perspective, this makes it increasingly difficult to effective monitor and log data that’s flowing through a network. The solution to this issue would be an implementation of SSL Decryption on an NG firewall.
In this scenario, a self-signed certificate generated from the firewall is assigned to all endpoints utilizing the network. The endpoint will “trust” the firewall and allow the firewall to attack as a decryption point into the network and allow, block, or log the traffic as needed. This is important in environments that require granular logging or requires regular reports on network traffic.
Additionally, this allows administrators to block specific parts of a website. For example, objects within a site can be blocked and certain parts can be left as-is.