Performance, Security, Decryption and Cloud Visibility

    Posted by Nubeva on Jun 18, 2019 5:23:23 AM


    tl;dr: TLS 1.3 is here for a reason…security. Here’s a short primer on the benefits of TLS in the public cloud.

    Security and network IT professionals with mission-critical resources in public clouds like AWS, Azure and Google Cloud know how important the Transport Layer Security (TLS) protocol is to security.

    When the Internet Engineering Task Force published TLS 1.3 in 2018, it was the first major overhaul of the encryption standard in 10 years. TLS 1.2 was showing its age, with cipher suites that presented a slew of security concerns. Shockingly, some organizations still use SSL version 3.0, which is highly insecure by any standard.

    The TLS 1.3 protocol, on the other hand, improved both performance and security, which quickly made it the de facto encryption protocol for public cloud environments.

    Performance

    Performance is better because TLS 1.3 provides an abbreviated handshake between client and server and provides for Zero Round Trip Time (0-RTT). TLS 1.2 required two round trips to complete a handshake; TLS 1.3 needs only one, cutting handshake latency in half.

    Another performance enhancement is how TLS 1.3 handles subsequent handshakes once the initial handshake and session have ended. If a client returns to the same server within a specific timeframe, the server recognizes the client from its previous session and performs a quick handshake to resume it.

    Security

    TLS 1.3 also enhances security. It removed outdated cryptography that made many attacks possible. It also encrypts everything after the server hello, including the rest of the handshake, and removes version negotiation, making the interaction between client and server more secure. Previously, client and server negotiated which version of TLS/SSL to use, which left the system susceptible to attack: hackers could force the server to downgrade to an older, more vulnerable version of SSL.

    Lastly, TLS 1.3 made Perfect Forward Secrecy a requirement for the handshake between client and server. This simply means that if an attacker records a session today, he or she can't access its content in the future by compromising a future session key, because every session between client and server uses a new, unique private key. That also means more complexity for the intrusion detection tools that need to see inside the traffic.
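The downgrade and forward-secrecy points above translate directly into something a defender can check. The following is an added example, not code from the original post or from Nubeva: it audits constructed sample records in the shape a TLS-terminating proxy or load balancer might log (negotiated protocol, cipher suite), flags legacy SSL, anything below TLS 1.3, and TLS 1.2 suites without ephemeral key exchange, and builds a Python `ssl` client context that refuses to negotiate below TLS 1.3. The record shape and the finding strings are assumptions for illustration.

```python
import ssl

# Constructed sample records: (negotiated protocol, cipher suite), as a
# TLS-terminating load balancer or proxy might log them. Not real traffic.
SAMPLE_SESSIONS = [
    ("TLSv1.3", "TLS_AES_256_GCM_SHA384"),
    ("TLSv1.2", "ECDHE-RSA-AES128-GCM-SHA256"),
    ("TLSv1.2", "AES256-SHA"),        # static RSA key exchange: no forward secrecy
    ("SSLv3", "DES-CBC3-SHA"),        # legacy SSL 3.0 still negotiated
]


def assess_session(protocol, cipher):
    """Return a list of findings for one session; an empty list means 'as expected'."""
    findings = []
    if protocol.startswith("SSL"):
        findings.append("legacy SSL in use")
    if protocol != "TLSv1.3":
        findings.append("below TLS 1.3 (possible downgrade)")
        # In TLS 1.2 forward secrecy depends on the suite's key exchange:
        # only (EC)DHE suites derive a fresh ephemeral key per session.
        if not cipher.startswith(("ECDHE", "DHE")):
            findings.append("no forward secrecy (static key exchange)")
    # Every TLS 1.3 suite uses ephemeral (EC)DHE, so forward secrecy is implicit.
    return findings


def audit(sessions):
    """Map 'protocol/cipher' to its findings for a batch of logged sessions."""
    return {f"{proto}/{cipher}": assess_session(proto, cipher)
            for proto, cipher in sessions}


def hardened_client_context():
    """Client context that will not negotiate anything below TLS 1.3.

    A server that only offers older versions causes the handshake to fail
    instead of silently downgrading.
    """
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    return ctx


if __name__ == "__main__":
    for session, findings in audit(SAMPLE_SESSIONS).items():
        print(session, "->", findings or "ok")
    print("client minimum version:", hardened_client_context().minimum_version.name)
```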

    In our next blog post, we’ll address how enterprise IT teams can leverage encryption in their public clouds while, at the same time, obtaining the packet-level visibility needed to do network monitoring and threat hunting effectively.
