Perimeter
12/5/2013
07:10 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Zscaler Upgrade Delivers High-Speed 2048-Bit SSL Traffic Inspection

Completes migration of cloud infrastructure to enable 2048-bit SSL traffic inspection

San Jose, CA, December 4 , 2013 – Zscaler, the global security cloud for the mobile enterprise, today announced it had completed a transparent migration of its worldwide cloud infrastructure to enable 2048-bit SSL traffic inspection, upgrading its SSL processing capacity 2,500 percent. Zscaler is unique as a cloud security provider that enables SSL-2048 bit scanning through a high-performance proxy.

In order to strengthen encryption standards, the Certification Authority/Browser (CA/B) Forum and the National Institute of Standards and Technology have mandated the switch from 1024-bit RSA keys to 2048-bit RSA keys for SSL traffic, effective January 1, 2014. This improved standard will require five times greater performance for Web servers and proxies. As a result, organizations relying on appliance-based security will be challenged with time-consuming and complex hardware and infrastructure upgrades to scale capacity.

"As SSL encryption increases in complexity and is widely adopted by Web services, organizations will be challenged to obtain complete visibility into network traffic to ensure security and compliance," said Amit Sinha, CTO, Zscaler. "Advanced threats callbacks may try to leverage SSL tunnels to escape detection or employees may try to leak data through encrypted lines, but Zscaler provides total visibility into 2048-bit SSL traffic, without the cost and complexity of manually upgrading traditional security appliances."

Read more about SSL 2048-bit encryption at the Zscaler Security Cloud blog: http://blog.zscaler.com/are-you-resolved-inspect-ssl-2048-2014

About Zscaler

Zscaler is transforming enterprise security with the world's largest security cloud built from the ground up to safely enable users doing business beyond the corporate network. Zscaler's security cloud processes over 12 billion transactions a day with near-zero latency to instantly secure over 10 million users in 180 countries, with no hardware or software required. More than 3,500 global enterprises are using Zscaler today to simplify their IT operations, consolidate point security products, and securely enable their business for mobility, cloud and social media. For more information, visit us at www.zscaler.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web