A10 Networks and Cisco Work Together to Prevent SSL Attacks

10 Jan
a10-taiwan-2017-624x481

With growing importance of HTTPS connections among websites and Internet users, the number of websites using SSL for secure connections has increased. As a result, ill-intentioned people have tried to bypass security by hiding malicious traffic in encrypted connections. The diversification of information security threats has made it impossible for a company to combat all threats alone. Working with other companies to compensate for their weaknesses has become a reasonable strategy. Leading networking equipment manufacturer Cisco has thus cooperated with A10 Networks to process SSL traffic and intercept suspicious traffic using A10’s Thunder Series Application Delivery Controllers (ADCs) and SSL Insight. The combination of Cisco and A10 solutions can make sure websites are well protected during attacks without compromising performance.

According to A10’s report, SSL traffic accounted for 67% of total traffic in 2016, a big leap from 30% in 2015, and will reach 100% in the end. Hackers are increasingly using encrypted connections to hide attack traffic as the report says 40% of the attacks have used SSL encryption to evade detection. Even a big network company like Cisco has difficulty tackling every threat on its own. Therefore, using specialist partners’ solutions such as A10’s Thunder Series platform and SSL Insight to process SSL traffic has become an ideal choice.

ssl-traffic-a10

▲A10’s report indicates an increase in SSL-based attacks

a10-taiwan-2017-ssl-threat

▲The growing trend of SSL attacks will cause huge problems for enterprises if they fail to tackle them properly

For transmission of sensitive information such as connections to Internet banks, A10 allows users to choose whether or not to intercept and filter traffic using A10’s devices. Even if the traffic is processed in flash memory, meaning the data will be erased after a period of time and will not be saved, users can still decide if they want to filter the data or not manually.

a10-taiwan-2017-no-interference

a10-taiwan-2017-ssli-interference

Comparison of traffic processed with and without A10’s device

“Today, 67% of network traffic is encrypted, leading to potential risks,” said Daniel Chang, Managing Director at A10 Networks, Taiwan. “According to Ponemon Institute, 41% of attacks are hidden in encrypted traffic to evade detection. A10’s Thunder SSL Insight provides high-speed decryption for all inbound and outbound traffic while detecting and mitigating attacks using a variety of approaches and remedies along with Cisco’s FirePOWER. A10 is a channel-oriented supplier, therefore we have entrusted Dawning Technologies, our platinum distributor in Taiwan, with the go-to-market strategy for our joint solution with Cisco.”

a10-ssl-threat1

Hackers hide malicious content using SSL encryption so it can be distributed through multiple channels

“Our partnership with A10 enables us to adjust our cooperation with Cisco while strengthening the security strategies of today’s enterprises”, said Jason Shih, Vice President at Dawning Technologies. “To boost performance to the fullest, A10 SSL Insight can enhance Cisco’s FirePower Services by offloading CPU-intensive tasks, decrypting SSL traffic, and computing TLS traffic. Therefore, Cisco’s security solution can dedicate its resources for traffic inspection. We will focus on developing joint solutions because we believe this will help us expand sales channels and explore new business opportunities.”

Sysage Technology, the parent company of Dawning Technologies, has been Cisco’s channel partner since 1981 and has been widely recognized by leading suppliers such as Cisco, IBM, and Oracle. Sysage Technology has made outstanding achievements in product support, solution integration, and IT consulting. Sysage Technology and its subsidiary Dawning Technologies will work closely with Cisco and A10 to maximize the value of their joint solutions, providing the best enterprise security solutions for both system integrators and end users.

Founded in 2004, A10 Networks started with network traffic load balancing services. The company then rolled out its ADC products. The proliferation of the Internet has required everyone to place a high premium on network security, even when they access the Internet on their mobile devices. Amid the diversified and ever-changing security threat landscape, A10’s enterprise security solutions are expected to grow continuously to provide enterprise websites the protection they need.