
The Blind Spot in Network Security

May 7, 2019 by Eduardo Cervantes

You wouldn’t invest in a high-tech alarm system for your home then leave your front door wide open. So, why are we doing this with our networks? As CEO of Corsa, I see a glaring risk in the security industry at the moment and it’s what I call the SSL inspection gap. In this blog post I’ll explain what that is and how we got here, but let me summarize it like this: the SSL inspection gap is the point where an enterprise can’t keep up with decrypting incoming traffic while maintaining their network’s performance, so they opt to let traffic through unchecked in order to speed up their network.

A Perfect Storm

The demand for increased bandwidth in enterprises is skyrocketing, driven by trends like cloud adoption and mobility. Along with higher amounts of data, the traffic mix is also evolving, with live streaming now representing a larger proportion of traffic. With IoT and 5G, this traffic is only going to increase. To meet the demand, many enterprises are increasing the capacity of their networks by moving from 10 Gbps links to 100 Gbps links.

At the same time, SSL/TLS adoption is growing at an exponential rate, with at least 70% of traffic on the Internet encrypted. While encryption is undoubtedly a good thing for security, network and security architects are faced with the daunting challenge of inspecting this encrypted traffic, while maintaining performance on a much higher capacity network.

The trade-off is to decrypt and lose performance, or to maintain performance but not see all your traffic. In other words, you either decrypt and inspect all the traffic, slowing down your network to unacceptable levels, or you open up your firewall to maintain performance, meaning incoming traffic remains encrypted and unchecked, which makes your enterprise vulnerable to cyberattacks. Sophisticated cybercriminals are aware of this inspection gap and they’re using encrypted traffic to obscure their presence and evade detection.

What is the SSL inspection gap?

The scope of this challenge is even greater when protecting high-capacity networks. Most enterprises attempt to minimize threats by using a firewall. However, while networks and the traffic mix have developed, network security technology has simply not kept up. For example, a firewall can handle less than 10% of encrypted traffic.

Let’s break this down into real numbers. With a 100Gbps link and the typical 50% redundancy built in, an enterprise would expect to see traffic of about 45Gbps. Based on the 70% encryption rate, 32Gbps of this will be encrypted. Current security appliances aren’t designed to simultaneously decrypt and inspect traffic, with studies showing that throughput for devices drops by 92% when SSL/TLS inspection is enabled.

For enterprise networks, security is hardwired into the network path, and making changes to network security infrastructure often requires a redesign of the network and installation of a new firewall. Many enterprises feel under pressure to invest in a bigger security appliance, but this is expensive and inflexible. It will only address growth in the short term. What will you do when bandwidth demands jump again? Purchasing ever bigger and bigger security appliances is unsustainable. The reality is, most enterprises simply don’t decrypt, meaning a high level of forwarded traffic is unchecked. This is a significant and unacceptable risk.

A new approach

We clearly have a model that is broken. The challenge is to scale security for the rapidly changing network volumes, traffic mix and encryption, preferably in an economical way. Buying a bigger, more expensive box is a band-aid.

A new problem requires a new approach. In order to reduce security breaches, we need a solution which provides complete visibility for 100% of encrypted traffic, without sacrificing network performance or blowing your budget with a bigger firewall. We also need to ensure solutions can scale for future growth, allowing for SSL/TLS visibility to 10Gbps, 100Gbps and beyond. Enterprises also need the flexibility to scale other security functions, such as layers of security for complete protection of your enterprise.

What would you say if someone told you it’s possible to achieve 100% SSL inspection on all your traffic without compromising performance, even on a high-capacity network? Corsa has created an incredibly simple, flexible and high-performance system that can be leveraged to provide exactly that. We call it a software-defined network security approach that will give us the protection and scalability we need, and I’ll explore what that looks like in my next post.

It’s time to address the elephant in the room and find a scalable solution to the traffic inspection gap. Corsa has the answer and that’s why I’m excited about the opportunity and the team we have assembled to change the network security industry.
