Netronome announced the availability of the industry's highest-performance transparent proxy for SSL network communications

Dark Reading Staff, Dark Reading

February 6, 2007

3 Min Read

SAN FRANCISCO -- Netronome Systems, the industry’s leading provider of Open Appliance™ systems, today announced the availability of the industry’s highest-performance transparent proxy for Secure Socket Layer (SSL) network communications. The Netronome SSL Inspector™ is designed for security and network appliance manufacturers, enterprise IT organizations and system integrators. The SSL Inspector allows network appliances to be deployed with the highest levels of flow analysis while still maintaining multi-gigabit, line-rate network performance for compliance, NAC and other security applications.

SSL communications constitute a significant and growing percentage of the traffic in enterprise LAN/WAN and service provider networks. The privacy benefits provided by SSL can be overshadowed by the risks it brings to the enterprise network. SSL encryption can prevent IT organizations from ensuring that threats such as viruses, spam and malware are stopped before they reach individual users. Encryption also makes it difficult for network administrators to enforce corporate acceptable-use policies. Regulatory and other compliance requirements, including identifying accidental or intentional leakage of confidential information, are also virtually impossible to meet because of SSL encryption. Existing methods to control SSL include severely limiting its use, preventing its use entirely, or installing SSL proxy solutions that significantly reduce network performance for both SSL and non-SSL traffic.

Until now, managing SSL traffic has proven difficult, but with the Netronome SSL Inspector, users can take advantage of a unique combination of capabilities that removes the risks arising from lack of visibility into SSL traffic while increasing the performance of security and network appliances, including:

  • Line-rate Network Performance: All non-SSL flows are cut-through in hardware in less than 10 microseconds, eliminating unnecessary delay for time-sensitive applications, such as VoIP.

  • Network Transparency: Unlike existing SSL proxies, the SSL Inspector is deployed as a “bump in the wire” and is completely transparent to both end users and intermediate networking elements. It does not require network configuration, IP addressing or topology changes, or modification to client IP interface and web browser configurations.

  • Scalable Flow-based Processing: At up to 4 gigabits per second, the SSL Inspector supports the analysis of 200,000 SSL and 1,000,000 total simultaneous flows.

  • High Connection Rate: The SSL Inspector provides more than ten times the setup and teardown rate of SSL proxy solutions, at over 50,000 SSL and 250,000 total sessions per second.

  • Application Preservation: All network and security applications and appliances, such as IDS, IPS, UTM and HTTP and WAN load balancing, can continue to work for SSL and non-SSL communications, extending their usability.

  • Open Application Programming Interface: Netronome’s solution is the only probe with API programmability that provides network and security appliance manufacturers with a simple way to integrate SSL inspection into their new applications. The SSL Inspector can also be used with existing, unmodified applications.

The combination of these capabilities provides security and network appliance vendors with a way to increase the performance of their applications, avoid becoming the source of reduced network throughput and expand the scope of their applications to also provide benefits for SSL encrypted traffic.

“Enterprise organizations continue to struggle with the growth of SSL in their networks. Whether trying to comply with corporate and government regulations, or merely trying to preserve the use of existing network and security appliances after SSL has been introduced, the Netronome SSL Inspector delivers a way to meet their IT and network compliance requirements, while preserving the benefits of SSL communications,” said Jarrod Siket, vice president of marketing at Netronome Systems.

Netronome Systems Inc.

About the Author(s)

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

VPN other edge devices cybersecurity
Endpoint Security
Teetering on the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTsOn the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTs
byRobert Lemos, Contributing Writer
Apr 23, 2024
4 Min Read
Kuala Lumpur, Malaysia, skyline against the harbor at sunrise
Cyber Risk
Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity ProsLicensed to Bill? Nations Mandate Certification of Cybersecurity Pros
byRobert Lemos, Contributing Writer
Apr 23, 2024
4 Min Read
MITRE Corp's logo in blue
Endpoint Security
MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti BugsMITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs
byNate Nelson, Contributing Writer
Apr 22, 2024
3 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events