Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

11/17/2011
12:43 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Fidelis Introduces New Solutions For SSL Traffic

Fidelis XPS SSL Decoder provides visibility into forged certificates

WALTHAM, MA – November 16, 2011 – Fidelis Security Systems, the market leader in network visibility, analysis, and control solutions, today announced the SSL Decoder within Fidelis XPS™, which provides the ability to assess the authenticity of a Secure Socket Layer (SSL) certificate. Fidelis also introduced the Fidelis SSL Inspector 10G, which enables the Fidelis XPS Deep Session Inspection™ architecture to detect threats in SSL-encrypted content on 10G Ethernet networks. Both solutions are in response to the fact that, for the same reasons SSL is optimal for insuring privacy and confidentiality, it has become an avenue for hackers to exploit in order to penetrate networks.

“With the recent widely-publicized breaches of Certificate Authorities, enterprises are in desperate need of a way to verify the authenticity of SSL certificates,” said Gene Savchuk, CTO at Fidelis. “While SSL pinning – white-listing a certificate authority public key in a browser for a specific domain or set of domains – is emerging as a potential solution, it will quickly prove inadequate for enterprises due to the dynamic nature of certificates and a need for a solution that scales. The Fidelis XPS SSL Decoder mimics this concept, but at the network edge rather than at client end-points, and offers more centralized management which is conducive to certificate changes and scale.”

Until now, the ability to alert IT security to fake certificates has been limited. By leveraging the sophisticated rules engine that is at the core of Fidelis XPS, Fidelis is adding the ability to put rules in place to evaluate certificates and to take action, such as preventing a session, if the certificates characteristics are suspect. The combination of these rules and implementing this action at the network edge provides a measure of ease of use that is a necessity for large enterprises that would otherwise have to rely on application vendors retroactively providing patches following publicized breaches at SSL Certificate Authorities and users applying these patches correctly and in a timely manner.

“SSL-encrypted traffic makes up an ever increasing share of the traffic seen on an enterprise network with the proliferation and cloud computing and social networking,” said Andrew Hay, Senior Security Analyst at 451 Research. “Though the security and confidentiality capabilities provided by SSL are widely known, SSL can also be used to conceal malicious activity such as botnet command-and-control or data exfiltration. If companies are not leveraging network monitoring tools capable of inspecting encrypted traffic, they're likely missing an important threat vector.”

Fidelis introduced the Fidelis SSL Inspector in late 2010 to remove the serious blind spots in content inspection and threat detection created by SSL-encrypted traffic. Customer uptake of the Fidelis SSL Inspector has been significant, and in response to increasing demand to inspect traffic at speeds above one gigabit, Fidelis is introducing Fidelis SSL Inspector 10G. The new system is in a smaller form factor (1U), offers interface flexibility from 1 gigabit copper or fiber to 10 gigabit fiber, is designed to inspect multiple inline segments and can distribute traffic to multiple devices in the enterprise security stack. Working with Fidelis XPS, Fidelis SSL Inspector 10G extends unparalleled visibility and control to the increasing volume of encrypted traffic that may be entering and/or leaving the network.

The Fidelis XPS SSL Decoder and Fidelis SSL Inspector 10G appliance will be available this quarter.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
The Data-Centric Path to Zero Trust
Altaz Valani, Director of Insights Research, Security Compass,  1/13/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).