READ TIME: 3 min., 9 sec.
tl;dr: The cloud gives enterprise IT teams the freedom to use the latest and greatest (most secure) encryption protocols. But you can also get full visibility into cloud packet traffic using breakthrough TLS 1.3 decryption from Nubeva.
This Thursday (and during the upcoming weekend) we’ll celebrate the Fourth of July. Independence Day always evokes thoughts of the many freedoms U.S. citizens enjoy. We celebrate the patriotism demonstrated by people who choose to serve the United States in a public capacity and, of course, we enjoy outdoor gatherings that culminate with fireworks displays in nearly every community across this land (be safe out there!).
When you consider your enterprise cloud environments, do you enjoy the freedoms the cloud provides, or are you tied to some of the complexities that exist in the cloud?
Here are three freedoms we believe all enterprise IT teams should experience as they migrate more and more mission critical resources to cloud platforms like AWS, Azure and GCP.
Freedom to adopt and use the latest, greatest and most secure cloud encryption protocols available.
In the cloud, your enterprise needs to inspect network traffic at the packet level. It’s an imperative in order to monitor for intrusion detection, identify potential threats and respond to any incidents that occur.
The challenge, however, is that a vast majority of cloud network traffic is encrypted. At AWS Reinforce a couple of weeks back, the word encryption was a constant drum beat throughout the event. Adopting aggressive encryption of all cloud data is the No. 1 security recommendation for modern IT. This includes TLS 1.3 encryption in the cloud of data at rest (in databases and data lakes) and data in motion (as it moves from system to system, service to service and crosses communications links and network connections.
The bottom line is that modern encryption protocols enable the best security in the cloud. It also happens to block deep packet visibility – and you want visibility, too (keep reading).
Freedom to decrypt cloud data when and where needed...securely
With Nubeva’s new Prisms SSL / TLS Decrypt solution, enterprise organizations no longer live in the shadow of having security with encryption but no visibility.
We have solved and restored the out-of-band option with our breakthrough key discovery technology. This solution enables users to perform out of band network monitoring using keys from any traffic source, in real time to any tool. Nubeva Prisms TLS Decrypt starts with an agent on the workload that probes for keys as soon as a server handshake beings. Customers set up a key database in their cloud environment, where the keys are then stored. The Nubeva decryptor engine is placed on the tool or tools used to monitor cloud traffic. The decryptor accesses the keys from the database on request so the tool can decrypt to clear text to do its job.. New protocols inhibit traditional out-of-band methods and leave users with in-band or disruptive host choices, which certainly have their limitations in the cloud.
Freedom to avoid high costs and complexities of other decryption architectures.
If you feel stuck using expensive man-in-the-middle, passive host-based intercept or passive out-of-band architectures to get cloud visibility into your packets, stop using these antiquated architectures.
These traditional solutions don’t work with pinned certificates, struggle to handle new protocols and ciphers, introduce chokepoint or application modification architectures that are inherently non-cloudy, and remove much of the elastic and edgeless benefits of the cloud. Some solutions will even require the ability to access and modify your libraries.
With these solutions, you’ll receive only partial visibility of cloud data with minimal flexibility. What’s worse, you’ll spend a fortune maintaining your application architecture and cloud environment as you scale and grow your cloud presence.
It just makes sense, then, to experience the freedom of low cost, cloud-ntive TLS 1.3 decryption.
This July 4, consider how you can have your encryption and security – as well as your visibility – using a decrypt solution that is simple to deploy, costs far less and is highly effective.
Happy Independence Day America!