Network Security Efficacy in the Age of Pervasive TLS Encryption

September 14, 2020

One question which I love to ask next-generation firewall (NGFW) and intrusion prevention system (IPS) administrators is whether they have seen a gradual decline in their deployments’ security efficacy over the last few years. Most answer this question with a resounding “yes,” and then wonder how I knew. With over 90% of Internet traffic being encrypted with Transport Layer Security (TLS), and most intranet applications not being that far behind, this is not exactly a tough nut to crack. From URL filtering to malware detection to IPS signatures, all advanced network security appliances rely on deep packet inspection (DPI) and full application message reassembly to detect and block prohibited or malicious content.
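The loss of efficacy described above follows directly from what a middlebox can and cannot read once a flow is wrapped in TLS. The script below, an added example that is not part of the original post, illustrates the gap: it runs two constructed DPI signatures over a fully reassembled plaintext HTTP exchange, then feeds hand-built TLS records through an inspector that has no session key. The ClientHello still yields the Server Name Indication (RFC 6066), which is why URL and domain filtering keep some value, but an application_data record exposes nothing beyond its length. The signatures, hostnames, and cipher suite in the sample data are made up for this example.

```python
import re
import struct

# Constructed DPI signatures: patterns a content filter would block in a
# reassembled plaintext HTTP message. Both tokens are invented for this example.
SIGNATURES = {
    "prohibited-content": re.compile(rb"SAMPLE-PROHIBITED-CONTENT"),
    "blocked-path": re.compile(rb"^GET /restricted/", re.M),
}

# Constructed plaintext request and response, as a proxy would see them
# after full application-message reassembly.
PLAINTEXT_REQUEST = b"GET /restricted/report.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n"
PLAINTEXT_RESPONSE = b"HTTP/1.1 200 OK\r\nContent-Length: 25\r\n\r\nSAMPLE-PROHIBITED-CONTENT"


def match_http(message: bytes) -> list:
    """Return the names of every signature that fires on a plaintext HTTP message."""
    return [name for name, rx in SIGNATURES.items() if rx.search(message)]


def build_client_hello(server_name: str) -> bytes:
    """Build a minimal TLS ClientHello record carrying a server_name extension."""
    host = server_name.encode()
    sni_entry = b"\x00" + struct.pack("!H", len(host)) + host           # name_type = host_name
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    sni_ext = struct.pack("!HH", 0x0000, len(sni_list)) + sni_list       # extension_type = server_name
    extensions = struct.pack("!H", len(sni_ext)) + sni_ext
    body = (
        b"\x03\x03"                                 # client_version (TLS 1.2 wire value)
        + b"\x11" * 32                              # random: fixed bytes, constructed for the example
        + b"\x00"                                   # session_id length 0
        + struct.pack("!H", 2) + b"\xc0\x2f"        # one cipher suite (sample value)
        + b"\x01\x00"                               # compression_methods: null only
        + extensions
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body            # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def build_app_data(ciphertext: bytes) -> bytes:
    """Wrap already-encrypted (here: opaque constructed) bytes in an application_data record."""
    return b"\x17\x03\x03" + struct.pack("!H", len(ciphertext)) + ciphertext


def inspect_tls_record(record: bytes) -> dict:
    """Report what a middlebox without the session key can learn from one TLS record."""
    content_type = record[0]
    length = struct.unpack("!H", record[3:5])[0]
    payload = record[5:5 + length]
    if content_type == 0x17:
        # Encrypted application data: only the record boundary and size are visible.
        return {"record": "application_data", "opaque_bytes": length, "sni": None}
    if content_type != 0x16 or payload[0] != 0x01:
        return {"record": "other", "sni": None}
    # Walk the ClientHello past the fixed-size and length-prefixed fields to the extensions.
    p = 4 + 2 + 32                                              # handshake header, version, random
    p += 1 + payload[p]                                         # session_id
    p += 2 + struct.unpack("!H", payload[p:p + 2])[0]           # cipher_suites
    p += 1 + payload[p]                                         # compression_methods
    ext_len = struct.unpack("!H", payload[p:p + 2])[0]
    p += 2
    end = p + ext_len
    sni = None
    while p + 4 <= end:
        ext_type, ext_size = struct.unpack("!HH", payload[p:p + 4])
        data = payload[p + 4:p + 4 + ext_size]
        if ext_type == 0x0000:
            # data = list length (2) + name_type (1) + name length (2) + name
            name_len = struct.unpack("!H", data[3:5])[0]
            sni = data[5:5 + name_len].decode()
        p += 4 + ext_size
    return {"record": "client_hello", "sni": sni}


def visibility_report() -> dict:
    """Compare what DPI sees on plaintext HTTP versus the same exchange carried over TLS."""
    hello = build_client_hello("intranet.example")
    # The opaque bytes stand in for the encrypted request/response; constructed, not real ciphertext.
    encrypted = build_app_data(b"\x8a" * (len(PLAINTEXT_REQUEST) + len(PLAINTEXT_RESPONSE)))
    return {
        "plaintext_hits": match_http(PLAINTEXT_REQUEST + PLAINTEXT_RESPONSE),
        "tls_handshake": inspect_tls_record(hello),
        "tls_app_data": inspect_tls_record(encrypted),
        "tls_hits": match_http(encrypted),
    }


if __name__ == "__main__":
    for key, value in visibility_report().items():
        print(f"{key}: {value}")
```

The plaintext path fires both signatures; the TLS path yields only the SNI from the handshake and a byte count from the application data record, so URL-path, body-content, and IPS signatures have nothing to match against.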

