Deep Dive - SSL / TLS Inspection at Scale

With applications that carry sensitive data moving to the cloud, the amount of traffic encrypted with SSL / TLS continues to increase. The push to use HTTPS everywhere, even on personal email, coupled with free certificates, means that most of the traffic heading for the internet is now encrypted. If you look at Google’s statistics, you’ll see north of 80% of all traffic is being encrypted.

This poses a challenge to traditional methods of inspection and enforcement. If I can’t see what’s leaving my network, how do I know what it is? Most traditional security stacks are not designed to handle decrypting all of your traffic. The performance hit you will take will require you to add or upgrade hardware.

How does Zscaler differ? Unlike a traditional firewall or proxy, Zscaler builds hardware acceleration cards into our Zscaler Enforcement Nodes (ZEN). These cards handle the cryptographic function in dedicated hardware. There are no hardware limitations for you to contend with, and no new appliances to purchase when you turn on inspection.

In this talk we’ll take a deep dive into SSL / TLS inspection and enforcement. We’ll talk about:

  • The use case and history behind SSL / TLS and its increasing adoption
  • Head-to-head performance impacts of inspection with Zscaler vs. the competition's VM-based cloud
  • How modern threats are using encryption to hide their actions
  • How SSL / TLS inspection works on our ZENs
