Eliminating SSL Blind Spots in IDS.

Despite firewalls and other defense tactics, attackers continue to become more adept at exploiting vulnerabilities. As a result, network Intrusion Detection Systems (IDS) have become a standard approach to detect malicious attacks. The problem is that network IDS sensors cannot decrypt data encrypted with Secure Sockets Layer (SSL). And given the volume of critical application and sensitive web transaction data encrypted with SSL, a large percentage of encrypted traffic is allowed to pass through without examination, exposing the organization’s IT system to higher risk of malicious attacks.

Organizations have two options to address this issue, each with potentially dire consequences: ignore the high percentage of web transaction traffic that includes encrypted confidential information, or terminate the SSL traffic before it reaches the network IDS, thus blocking the transaction, destroying SSL non-repudiation and negatively affecting business operations.

With the availability of Gilian’s G-SSL Decryptor™, there is a third, much better choice. With the G-SSL Decryptor, the network IDS can inspect every packet in an unencrypted form and identify previously undetected attacks. As a result, the G-SSL Decryptor enhances the security of the existing network IDS, allowing companies to attain 100 percent traffic validation.

How It Works
A G-SSL adapter extracts the SSL stream and delivers it to the G-SSL decryption engine. After decryption, the resulting “clear” HTTP stream is injected back into the network IDS, where the network packets are analyzed against the attacks and vulnerabilities database. The G-SSL decryption engine securely maintains the SSL key and certificate information of the web sites to be inspected.

Extend Your Network IDS Investment
In most organizations, the amount of SSL traffic as a percentage of total traffic continues to increase significantly. In some cases, it could represent half, or more, of the total traffic. Thus, given that existing network IDS only monitor clear HTTP data streams, the addition of the G-SSL Decryptor allows companies to get potentially twice the value, or more, from their investment in their existing network IDS. The result is a compelling return on investment that expands the capabilities of your existing network IDS.

© Gilian Technologies Inc., 2001-2003, all rights reserved. GILIAN, GILIAN TECHNOLOGIES, GILIAN TECHNOLOGIES (and design), the G-LOGO, EXITCONTROL, G-SERVER, G-APPPROTECT and G-APPWATCH are trademarks or registered trademarks of Gilian Technologies, Inc. in the United States and other countries. Marks owned by other companies may be used on this Web site for identification purposes, and Gilian does not claim rights in such marks.