Deep Packet Inspection for SSL: How to Defeat Intruders Hiding their Communications Inside Encrypted Channels

Webinar Registration

Monitoring incoming traffic used to be the focus of network security and while you can't ignore it, today, if you aren't watching the traffic leaving your network the first time you know you've been hacked will be when you watch the morning news.

But the bad guys know that we know this and they are increasingly enhancing their APT payloads to hide their communications with command and control servers as well as the actual exfiltration of stolen information inside encrypted connections disguised to look like legitimate web traffic.

When you can't look inside an encrypted web connection it's not as though your hands are completely tied. You can look at IP reputation, geo location and do some heuristics by comparing sessions to legit web traffic patterns and possibly baselines for given users and endpoints.

But IP reputation, DNS analysis and geo location only take you so far and have limitations like everything else. Heuristics and baselines are difficult to do right and prone to false positives.

So how do you look inside encrypted traffic between endpoints on your network and the Internet? There are 3 options:

  1. Deploying agent probes in the network stack of each endpoint
  2. Routing everything through a traditional proxy server
  3. Deep Packet Inspection of SSL

In this real training for free ™ webinar I will show you how all of these technologies work but we will focus on the newest, most advanced and effective one: DPI SSL provided by next generation firewalls like Dell Software's SonicWALL technology who has agreed to sponsor this webinar.

While proxy servers are a great idea, there's just too many situations where they aren't an option. For one thing there’s too many apps that simply don't support proxy.

So I will show you how DPI-SSL transparently decrypts communication between endpoints and the Internet, scans the data for malicious content and with data loss prevention technology and then, provided it checks out, re-encrypts the data and sends it on its way.

You will see how DPI-SSL provides additional security, application control, and data leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic.

How does DPI-SSL pull this off? That's the fun part. Don't miss this real training for free ™ session. Please register now.

First Name:   
Last Name:   
Work Email:  
Country:    
State:  
Phone (area + country code):
Company Name :
Industry:
Company Size:
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.

 

 

Additional Resources