The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are the foundation of e-commerce security, encrypting the transfer of sensitive data, verifying the authenticity of websites, and ensuring the integrity of exchanged information.
Hypertext Transfer Protocol Secure (HTTPS) is an HTTP protocol that uses SSL/TLS to secure the communications between the two systems, i.e., a browser and a web server. The volume of HTTPS traffic has risen significantly in recent years. In 2016, NSS research found that 50% of enterprise traffic was encrypted. This percentage is projected to rise to 75% in 2019.
Web browser-based applications such as Facebook and Twitter and search engines such as Google now enable SSL by default because of privacy and security concerns. In late 2015, Google announced that its search engine would favor sites that used HTTPS over those that didn’t.
Will encrypting the communication between the two systems; i.e., a browser and a web server or website, protect us from all threats?
Unfortunately not. Sophisticated cybercriminals can cloak their attacks within SSL traffic to avoid detection and conceal data exfiltration. By taking advantage of vulnerabilities on the browser side and the web server side, cybercriminals can obtain root-access privilege and weaponize and deliver their attacks using the encrypted communication channels between a browser and a web server. This is why it is critical that web traffic encrypted with SSL is inspected.
SSL inspection protects users and networks from threats that use HTTPS. This functionality allows security products such as next generation firewalls to look inside secured tunnels, check for threats, and block them. NSS recently expanded its testing to include SSL/TLS performance and security testing. Results from these tests are not directly comparable, but when performance was measured with SSL/TLS turned on (versus with SSL/TLS turned off), NSS observed that average connection rates dropped by 92%, latency in average application response time increased by 672%, and average throughput dropped by 60%.
Earlier this month, we announced the results of our 2018 Next Generation Firewall (NGFW) Group Test, and this week we released the results of our expanded SSL/TLS performance testing. Enterprises can leverage these reports during purchasing decisions or to refresh their architectures to include SSL inspection across encrypted traffic.
Follow us on Twitter (@NSSLabs) to keep informed as new research is released.