AccessData unveils SSL traffic monitor
SSL Locksmith exposes SSL-encrypted network communications
Digital compliance and forensics specialist AccessData Group today announced a new addition to its product lineup, named SSL Locksmith, which exposes the contents of SSL-encrypted network communications in an attempt to eliminate a "critical cyber security blind spot".
Encryption is an integral part of cloud computing and is used to secure e-commerce, Web 2.0 applications, email and VPNs. SSL is arguably the de facto encryption standard. According to AccessData, there are more than 1m SSL sites on the Internet today - including Salesforce, SAP solutions, Oracle solutions, the WebEx platform, the Windows Update service and Gmail - and SSL communications represent at least 25% of traffic on most networks.
AccessData pointed out that many network and security applications are "completely blind to the contents of SSL-encrypted communications, resulting in a gaping hole in the enterprise security architecture".
This allows the introduction of rogue applications, unrestricted Web surfing, virus and spyware distribution and other serious threats to an organisation's information assets.
"Industry practitioners often point to SSL as the most common method by which sensitive data is stolen," said AccessData in an emailed statement. "It can be as easy as adding an attachment to an SSL-based email, such as Gmail or Yahoo! webmail services."
SSL Locksmith tries to solve this problem by brokering SSL connections. AccessData's vice president of Cyber Security, Jason Mical, called the product a "welcome addition" to the company's "arsenal" because "without the ability to see what's going across SSL communication channels, enterprises are at a huge risk of data theft and compromise".
SSL Locksmith offers Web-based management and configuration. To ensure privacy and regulatory compliance, white list and black list filters control which sites and connections are decrypted. Also, even though the product is used in-line, it offers "fail-to-wire" bypass functionality, which is designed to eliminate potential disruption in service.
SSL Locksmith will be sold as a standalone product and can be used with any packet analysis or capture solution, including intrusion detection and prevention systems (IDS and IPS), data leakage prevention systems (DLP), network-forensics solutions, and Web-content monitoring solutions. The solution is also intended to complement AccessData's integrated information security platform, Cyber Intelligence & Response Technology (CIRT), which integrates computer, network and malware analysis, large-scale data auditing and remediation.