5
Internal
Users
Spyware
PhishingViruses
Intellectual Property Rogue Apps
WormsBusiness Apps
Corporate
Network
External
Apps
Active Server Pages
Internet
SSLSSL SSLSSL
Figure 4 – SSL Provides a Private Link for Legitimate Applications, AND Malware, Confidential Data, Unsanctioned Traffic
As illustrated in Figure 4, because SSL (Secure Sockets Layer) content is encrypted, it can’t be intercepted by normal means.
Users can bring in various malware including viruses, access forbidden sites, and leak confidential business information over
an HTTPS connection, which uses port 443. Because IT organizations have no visibility into SSL sessions, they are blind to any
potential security threats sent over HTTPS. In addition to the security threat, encrypted traffic makes it difficult for IT to assess
bandwidth usage and apply intelligent content control policies to ensure maximum user productivity.
Additionally, key signing and certificate verification is extremely CPU-intensive. Many security-sensitive websites that have
implemented SSL experience bottlenecks created by the managing and processing of SSL sessions. The end result is that
SSL degrades web server performance considerably and web transactions are slowed to a crawl. Because of the performance
degradation caused by SSL, many organizations cannot, because of budgetary or infrastructure limitations, implement SSL. Or
they implement it in a very limited capacity by applying SSL only to sensitive data or transactions.
The Blue Coat Systems SSL Traffic Solutions
The Blue Coat ProxySG solves a number of SSL related issues. Depending on your needs, you can use the ProxySG as an SSL
forward proxy for securing outbound traffic, an SSL proxy for wide area network (WAN) optimization, or an HTTPS reverse
proxy for web server acceleration.
Blue Coat appliances use patented technology to detect, inspect, optimize, and accelerate all web traffic and SSL/TLS based
applications. Unlike other solutions, administrators have the flexibility to choose the optimization and acceleration techniques
for their enterprise depending on their security policies. Blue Coat appliances use patented software techniques and hardware
acceleration to optimize encryption algorithms and reduce SSL/TLS handshakes over the WAN. This significantly improves user
experience, improves overall productivity, and increases performance of servers in the data center. In addition, administrators
can reduce latency and improve bandwidth by securely reducing and limiting redundant patterns of traffic, anywhere from the
byte/packet level up to the application level, or even both when configured. Security policies and acceleration and optimization
techniques can be granularly applied (or not applied) based on users or departments, source or destination, application or
content, or all of the above. Figure 5 shows Blue Coat SSL Proxy-Based Solutions.
Technology Primer: Secure Sockets Layer (SSL)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commenti su questo manuale