Flowmon Networks, a vendor of advanced network monitoring and security solutions, today announced the availability of Flowmon Encrypted Traffic Analysis. As a part of the latest Flowmon 10 release, it delivers to organisations real-time assessment of encrypted traffic to simplify the enforcement of security policies, and so retaining the desired level of protection.
According to NSS Labs, 75% of web traffic will be encrypted by 2019. On the one hand, encrypting is what a responsible organisation should do to protect the communication from being intercepted and compromised, and also to maintain integrity and confidentiality. On the other hand, the complexity of managing encryption challenges organisations to ensure cryptographic compliance, resulting in uncertainty as to whether the desired level of protection has been achieved.
“As the number of cyber attacks misusing encryption increases, cryptographic compliance standards will only get stricter and harder to uphold. In the era of encrypted traffic, the ability to analyse such communication becomes crucial for effective security policy enforcement,” says Pavel Minarik, CTO at Flowmon Networks.
“Flowmon gives network operation teams control over encrypted traffic. It monitors and analyses network traffic metadata, reports inconsistencies in cryptographic compliance and thus helps to retain the desired level of protection and to avoid unwanted communication. Thanks to this, NetOps teams keep track with organisational security needs while ensuring communication is kept private.”
The Flowmon Solution monitors network traffic metadata and aggregates it into so-called flows (NetFlow/IPFIX standards) with a specific extension extracted from TLS handshake (establishment of encrypted communication). This approach, needing no decryption, is the only privacy-preserving and ultimately scalable way of understanding modern encrypted communication.
With Flowmon Encrypted Traffic Analysis, NetOps teams can, for example, monitor expired and non-compliant SSL certificates, inspect encryption strength, and block unwanted TLS versions that contain vulnerabilities or non-compliant clients. Additionally, such visibility allows organisations to fight cyber threats and malware misusing encryption to evade detection, such as C&C communication, man-in-the-middle attacks and data exfiltration.
More information is available in Flowmon Encrypted Traffic Analysis Whitepaper.