• SSLBased Attack Protection

  • Protection Against Inbound & Outbound SSL Attacks

    SSL attacks are on the rise with encrypted traffic in today's organizations accounting for 25-35% of all inbound and outbound internet traffic. Industry trends such as cloud applications are forcing organizations to use encrypted connections to ensure privacy. The new HTTP/2 internet protocol also mandates the use of encryption in the communication between the browser and server. The need for a SSL inspection and attack mitigation solutions has become increasingly important because as the use of encrypted connections continues to rise, so do the amount of SSL attacks.

    Radware’s SSL-TLS Attack Mitigation Solution

    Do you believe your applications are protected from SSL or TLS based attacks? 1 in every 4 web-based DDoS attacks are encrypted and require a high capacity mitigation solution. Keep your applications protected with Radware’s unique, patent protected mitigation solution that supports all common versions of SSL/TLS and protects from all types of encrypted attacks.

    From the Frontlines

    How a Multinational Bank Handled a Ransom Threat and SSL-Based Attack

  • SSL Attack Mitigation with DefenseSSL

    As part of its hybrid attack mitigation solution, Radware offers a patent-protected mitigation solution called DefenseSSL. DefenseSSL supports all common versions of SSL and TLS and protects from all types of encrypted attacks - including TCP SYN Floods, SSL Negotiation Floods, HTTPS Floods and Encrypted Web Attacks.

    Leveraging Radware’s mitigation solution provides numerous benefits to organizations that need to eliminate security blind spots that exist due to SSL encrypted traffic:

    Advanced detection and mitigation

    From the increasing number of encrypted attacks targeting organizations using SSL & TLS.

    Supports asymmetric deployment

    Environments where only ingress traffic flows through the solution – crucial for cloud-based deployments.

    Transparent deployment

    Eliminates the need to re-engineer the network or configure end user clients to pass all traffic through a predefined SSL proxy.

  • Flexible security policies

    Including URL class-based classification ensures user privacy is kept (i.e. traffic to banking sites is not inspected) based on class.

    Reduced latency

    Through service chaining so that SSL traffic only needs to be decrypted and re-encrypt once, and not for each security solution.

    Helps maintain user data confidentiality

    By performing the HTTPS validation with independent certificate management.

    Removes operational dependencies

    Between the service provider and the organization when keys are changed.

  • Outbound SSL Inspection with Radware's Alteon NG

    Radware’s Alteon SSL inspect solution provides a simple one-box solution for intelligent, policy-based security services chaining for seamless traffic steering through multiple security solutions. Alteon SSL inspect acts as a central switching point for all perimeter network security tools. Security managers can chain and provision security services with highly granular policy options per user profile. Alteon SSL inspect supports highly available, scalable and flexible security services deployment and reduces overall security solution costs via offloading decryption and re-encryption of SSL encrypted traffic.

    Radware's patented SSL inspection technology embedded in Alteon NG and combined with its transparent traffic steering functionality, offers a high capacity, advanced and flexible SSL traffic inspection solution that is simple to deploy and delivers the following benefits:

    Enable visibility to all SSL & TLS traffic

    For real time inspection of outbound encrypted traffic, through one or more content-based security and logging solutions.

    Transparent deployment

    Eliminates the need to re-engineer the network or configure end user clients to pass all traffic through a predefined SSL proxy.

  • Flexible security policies

    Including URL class-based classification ensures user privacy is kept (i.e. traffic to banking sites is not inspected) based on class.

    Reduced latency

    Through service chaining so that SSL traffic only needs to be decrypted and re-encrypt once, and not for each security solution.

    Seamless scalability

    With Alteon NG's inherent load balancing functionality allows scalable traffic inspection capacity by simply adding more content inspection systems and load balancing between.

    Guaranteed connectivity

    Alteon NG ensures continuous connectivity through advanced health checks and with fail-to-wire in case of device malfunction.