Global
Africa
South Africa
Albania
Australia
Austria
Belgium
Bosnia Herzegovina
Bulgaria
Canada
Canada FR
Croatia
Czech Republic
Denmark
Estonia
Finland 
Finland (English)
France
Germany
Hong Kong
Hungary
Iceland
India
Indonesia
Ireland
Israel
Italy
Kosovo
Latvia
Lithuania
Malaysia
Middle East
Montenegro
Netherlands
New Zealand
North Macedonia
Norway
Philippines
Poland
Portugal
Romania
Saudi Arabia
Serbia
Singapore
Slovakia
Slovenija
Spain
Sweden
Switzerland DE
Switzerland FR
Thailand
Turkey
USA
Ukraine
United Kingdom
Vietnam
No escape from HTTPS: Chrome insists on a secure web
This week, Google released Chrome version 68, currently, by far the most popular web browser. Chrome will, from now on, treat all websites that are not encrypted, that is, HTTP websites, as unsafe and in this fashion continue to push the entire web towards HTTPS.
At first glance, the change is merely “cosmetic” – from now on all HTTP websites will be marked as “Not secure”. For the end user, these are good news because Google is speeding up the process of transition from (for attackers) easily readable and insecure HTTP to encrypted and more secure HTTPS.
According to Google’s research, 75% of websites visited in Chrome on Windows are now using HTTPS, while 81 of the top 100 websites now use HTTPS by default.
What does this mean for you, your organization, and your IT infrastructure?
If you don’t decrypt HTTPS, that is, SSL traffic:
- You don’t see malicious traffic to attackers’ servers and you can’t perform analysis or attack forensics – your ATP tool is blind;
- You have limited or no control over the websites that users can(not) access – your web gateway is inefficient;
- You don’t know if confidential information from your organization is passed on to unknown web services – your DLP tool is blind;
- In short: your existing security equipment loses its value.
Chrome 68 – or how TLS (previously SSL) is rapidly becoming the new TCP
How can you address these issues?
Symantec SSL Visibility Appliance is a hardware device designed for a specific purpose – decryption of SSL traffic. It enables centralized SSL traffic management and sending decrypted traffic to a number of related security devices – the idea of the solution is to decrypt once, feed many. “Consumers” of decrypted traffic may include Advanced Threat Protection and forensic devices, IDS/IPS tools, Next Generation Firewall devices and Data Loss Prevention products. Not to mention that Symantec’s own secure web gateway solution, ProxySG, can also be relieved of SSL decryption. That solves the need for repeated decryption of traffic on each of these devices.
All this enables: better visibility of previously hidden traffic, simpler configuration, less additional investments in security devices, selective decryption by content categories, and improved utilization of existing equipment.
For advice on integration into the existing environment, quotation and additional information on these products, feel free to contact us.
More information:
