Cisco plugs encryption hole in network security
Cisco has unveiled analytics services designed to solve a growing problem with network security – detecting threats that are hidden in encrypted traffic, reports Enterprise Cloud News (FinTech Futures‘ sister publication).
Concerns over privacy, compliance and security are driving users to encrypt more and more network traffic, Cisco notes. Some 80% of network traffic will be encrypted by next year, according to a Gartner estimate that Cisco cites. And yet encrypted traffic makes it easier for attackers to conceal threats — next year, half of malware campaigns will use encryption, Cisco says.
“While encryption is the right trend for privacy and regulatory compliance, IT teams will face a massive influx of traffic that they cannot see without decryption technology. This makes encrypted malware one of the industry’s biggest emerging threats,” according to a post on the Cisco Blogs this morning (10 January).
Cisco believes it can break that Catch-22 by analysing typical network traffic and flagging anomalies that might indicate a threat, without decrypting traffic. The company outlined that strategy in its big “network intuitive” launch in June.
The company is also announcing availability of its Encrypted Traffic Analytics (ETA) for the company’s branch-office Integrated Services Router (ISR); the Aggregation Services Routers (ASR 1k) for enterprise edge networks and services providers; virtualised Integrated Services Virtual Router (ISRv), and Cloud Services Routers (CSR), for extending enterprise networks to clouds. ETA is also integrated with Cisco’s Stealthwatch security platform.
ETA provides “security while maintaining privacy. You can have your cake and eat it too,” Prashanth Shenoy, Cisco vice-president of enterprise network marketing, tells Enterprise Cloud News.
ETA “extends state of the art security detection and visibility close to the user in the branch, where 80% of employees and customers are served,” Harrell says.
These users are often underserved by security because of the difficulty of rolling out sophisticated sensors to hundreds or thousands of branch officers, Harrell says.
Also, the security technology can be rolled out easily with software upgrades to Cisco’s customers, Harrell says.
ETA fits with Cisco’s strategy to transition its strategy from selling networking products to software and services paid for on a recurring basis.
Cisco needs the boost – revenue has declined eight consecutive quarters.
Last week, security researchers disclosed details about two serious vulnerabilities, “Spectre” and “Meltdown,” effecting billions of Intel, AMD and ARM chips manufactured since 1995, including servers, desktops and mobile devices.
Cisco says most of its products are closed systems that do not allow customers to run custom code on the device, and thus are not vulnerable. Cisco products that can be deployed as virtual machines or containers are vulnerable, and users should install patches to secure the underlying infrastructure, the company says.
ETA would not protect against Spectre and Meltdown, which enable attackers to steal information from device memory, rather than the network. However, ETA should be able to detect attempts to exfiltrate that information over the network.