By John Whetstone
Chances are your mother has yelled this at you at least once. However, contrary to what she might have had you think, sockets aren’t always a bad place to stick things. This is especially true when we share information across nonsecure channels, such as the Internet.
SSL/TLS cryptographic protocols have been widely adopted (from email and instant messaging to banking and home automation applications), and for good reason. Without SSL/TLS, sensitive data would be out there for the taking by anyone with the skills and the inclination.
Encryption doesn’t just help to protect personal data, it also secures enterprise assets. NSS Labs’, Jason Pappalexis is authoring a series on The Encrypted Web, part 1 (An Upward Trajectory) and part 2 ( Malicious Traffic) of which are currently available in the NSS Labs Research Library. The series reveals that as much as 40-50% of all enterprise web traffic is currently encrypted, and this number is forecasted to increase to at least 75% by 2019. This rise will drive the adoption of dedicated SSL appliances that can handle the larger amounts of encrypted traffic. Now, thanks to new techniques utilized by threat actors, the need to rapidly decrypt data has become just as important as the initial need to encrypt. This adds to the case for the adoption of dedicated appliances to handle all SSL/TLS traffic. Wherever possible, NSS will be incorporating SSL/TLS testing into its group tests, and we are planning a group test that focuses specifically on these protocols.
Recently, the NSS Labs Enterprise Architecture Research Group (EARG) conducted a study on the deployment and management of security controls in US enterprises, including data on the adoption of dedicated SSL/TLS appliances.
SSL/TLS-related functions are often handled by security controls such as intrusion prevention systems (IPS) or next generation firewalls (NGFW); however, the EARG study found that roughly 42% of US enterprises have dedicated SSL/TLS appliances deployed. Half of these deployments are in large enterprises, followed by very large enterprises (32%), and small and medium-sized enterprises (18%).
Encryption affects us all. Even if it isn’t your thing, understanding its impact on your network is critical. Follow our research on SSL/TLS and stay tuned as we test the performance of these appliances.
NSS Labs is releasing a series of Intelligence Briefs that focus on security controls in the US enterprise, one of which is focused on TLS/SSL appliances. The series will report on security product usage as reported by 510 information security professionals representing 50 US industries. This paper is available to subscribers to our research library.
Follow us on Twitter (@NSSLabs) to keep informed as new research is released.