Intelligent CIO APAC Issue 01 | Page 39

TLS/SSL DECRYPTION — ONE OF THE MAIN PILLARS OF THE ZERO TRUST MODEL

In a world where everything and everyone is connected to the internet, in one way or another, it’s hard to imagine a network that is truly secure. Data, large amounts of it, are at the centre of it all.

Insider Threats — Need for Security to Evolve from “Castle and Moat” Approach

Initially, we had the concept of zones, perimeters and network segments, placing all the protected assets “inside” the secured network perimeter. However, attackers are always evolving the methods they use, always on the lookout for weak points in your network defences, and always coming up with newer ways of infiltrating the perimeter. Keeping up with them is a challenging and ongoing struggle.

We also need to realize that the “castle and moat” approach to our network defences was mostly effective against threats that resided outside the network. But what about the threats on the inside? What about modern attacks that work on multiple levels to try to bring your networks down? How do we protect our networks from people who have legitimate access to all their resources?

Zero Trust Model — a Modern Cybersecurity Approach

Zero Trust attempts to fix the problems, and patch the holes, in our cybersecurity strategies. At its core, the Zero Trust model is based on the principle of “trust nobody.” The Zero Trust model dictates that no one in your network should be trusted completely, that access should be restricted as much as possible, and that trust should be seen as yet another vulnerability that can put your network at risk.

Danger of Security Blind Spots

In recent times, we have witnessed a phenomenal rise in the use of encryption across the internet. Google reports that over 90 percent of the traffic passing through its services is encrypted. However, with encryption comes the creation of a “blind spot” in our network defences, as most of the security devices we use are not designed to decrypt and inspect traffic.

The Zero Trust model is not immune to this problem, as visibility is considered one of the key elements of its successful implementation. Without complete encrypted traffic visibility, the model will fail, introducing vulnerabilities that can be exploited by both insiders and hackers.

TLS/SSL Decryption — One of the Main Pillars of Zero Trust

A centralized and dedicated decryption solution must be placed at the centre of the Zero Trust model and should be included as one of the essential components of your security strategy.

Many security vendors claim the ability to decrypt their own traffic, working independently of a centralized decryption solution. However, this “distributed decryption” approach can introduce problems of its own, including inferior performance and network bottlenecks, and fixing these would require costly upgrades.

Key Features of a Good TLS/SSL Decryption Solution

Below are some of the features to look out for when implementing a TLS/SSL decryption solution:

• Full Traffic Visibility
• Ease of Integration
• Multi-Layered Security Services
• User Access Control
• Micro Segmentation
• Securing Cloud Access

In conclusion, without a centralized and dedicated TLS/SSL decryption solution, the Zero Trust model is unable to do what it was designed to do — protect our networks, users and data from threats residing inside and outside the network.

LEARN MORE AT A10NETWORKS.COM