The True Cost of a Security Breach

Arrow pointing right
ExtraHop Logo
  • Productschevron right
  • Solutionschevron right
  • Why ExtraHopchevron right
  • Blogchevron right
  • Resourceschevron right

Arrow pointing leftBlog

Going the ExtraHop for Real-Time SSL Decryption

Adam Sinnett

June 6, 2011

The ExtraHop Application Delivery Assurance system is now capable of completely hardware-driven SSL decryption at network speeds up to 10Gbps

Google Gmail accountsSony's PlayStation Network

RSA SecurID breachmade SSL encryption standard40 percent of businesses' applications

However, while this trend hopefully will keep data safe, SSL encryption can complicate application performance management (APM). An elementary premise for APM is that if you can't see your network traffic, you can't monitor the health and performance of your applications. So, when as much as 40% of an organization's application data is encrypted with SSL, it creates a massive blind spot in network visibility.

These days, the processing requirements for decrypting SSL are greater than ever, too. We are starting to see increasing numbers of organizations switch over to using new, 2048-bit SSL encryption keys in accordance with the U.S. National Institute of Standards and Technology's (NIST) recent advisory. This change makes SSL more secure, but, of course, these more-complex keys also take even more time to decrypt.

The combination of more encrypted data and stronger encryption keys makes software-driven SSL decryption increasingly untenable due to the significant drain on processing resources they require. Business demands require real-time monitoring of application health and performance, and more-powerful hardware acceleration is needed to make sure that SSL blind spots don't handicap an organization's ability to keep business-critical processes from failing.

To meet these demands, we are very happy to announce that the ExtraHop Application Delivery Assurance system is now capable of completely hardware-driven SSL decryption of 2048-bit keys at network speeds—up to a sustained 10Gbps of network traffic. With this enhancement, organizations can leverage the real-time analysis capabilities of the ExtraHop system to decrypt and analyze SSL traffic for common cipher suites at the scale and speed required by today's enterprise networks.

Experience RevealX NDR for Yourself

Schedule a demo