• SSL Based Attack Protection

    Protection Against Inbound & Outbound SSL Attacks

    SSL attacks are on the rise with encrypted traffic in today's organizations accounting for 25-35% of all inbound and outbound internet traffic. Industry trends such as cloud applications are forcing organizations to use encrypted connections to ensure privacy. The new HTTP/2 internet protocol also mandates the use of encryption in the communication between the browser and server. The need for a SSL inspection and protection solution has become increasingly important because as the use of encrypted connections continues to rise, so do the amount of SSL attacks.

    Today's hackers are increasingly using encrypted connections to hide attack traffic and infiltrate datacenters and applications and current SSL inspection solutions lack the ability to decrypt encrypted traffic and inspect its content. Most cyber security solutions today don't offer options to decrypt encrypted traffic and are left unprotected against attacks carried out through encrypted connections. Terminating SSL encrypted connection is a resource intensive task that has a significant impact on any security solution that doesn't inspect encrypted traffic.

    Radware offers a set of SSL inspection solutions that provide cost effective protection against SSL attacks - both inbound as well as well as outbound cyber threats carried over SSL encrypted connections.

    Radware's DefenseSSL is a module within Radware's Attack Mitigation System (AMS) that protects online businesses from SSL DDoS attacks. AMS is comprised of multiple DoS & DDoS layers of defense including network based protections and application layer protections, which also cover SSL based DoS & DDoS attacks. The integrated solution which mitigates both clear and encrypted traffic is enabled by:

    DefensePro - DefensePro is an advanced SSL inspection and attack mitigation solution with dedicated high performance hardware to confront all types of DDoS attacks. DefensePro's layers of defense contain DDoS security technologies that were designed to detect and mitigate both high rate DoS & DDoS and "low & slow" attacks in the network and application layers, traffic anomaly attacks, connection-based misuse attacks, service cracking attacks, and application scan pre-attack probes – all of which misuse network and application resources and are part of multi-vulnerability based attack campaigns.

    Alteon NG - Alteon NG provides a powerful SSL acceleration engine. Through a dedicated hardware accelerator, the Alteon product delivers the extendable throughput that large on-line businesses need to encrypt and decrypt SSL traffic.

    This integrated solution uniquely mitigates floods that are directed to HTTPS pages and it provides unlimited SSL decryption and encryption capabilities. Additionally, Radware's solution for SSL DDoS attacks can operate in symmetric and asymmetric environments.

    Radware delivers a single box solution for outbound SSL traffic inspection, based on Alteon NG ADC that oversees all of the organization's traffic to and from the Internet. Based on its advanced URL and Layer 4-7 classification capabilities, Alteon NG seamlessly intercepts and decrypts SSL sessions. The decrypted traffic is steered to any content inspection security solution such as firewalls, anti-malware, data leakage protection, etc. Sessions that pass through the security inspection are re-encrypted and forwarded to towards its destination.

    Radware's patented SSL inspection technology embedded in Alteon NG and combined with its transparent traffic steering functionality, offers a high capacity, advanced and flexible SSL traffic inspection solution that is simple to deploy and delivers the following benefits:

    • Enable visibility to all SSL & TLS traffic for real time inspection of outbound encrypted traffic, through one or more content-based security and logging solutions.
    • Transparent deployment eliminates the need to re-engineer the network or configure end user clients to pass all traffic through a predefined SSL proxy.
    • Flexible security policies including URL class based classification ensures user privacy is kept (i.e. traffic to banking sites is not inspected) based on class.
    • Reduced latency through service chaining so that SSL traffic only needs to be decrypted and re-encrypt once, and not for each security solution.
    • Seamless scalability and guaranteed connectivity with Alteon NG's inherent load balancing functionality allows scalable traffic inspection capacity by simply adding more content inspection systems and load balancing between. In addition, it ensures continuous connectivity through advanced health checks and with fail-to-wire in case of device malfunction.
    Contact Us to Get Started.