ExtraHop Networks Adds 2048-Bit SSL Decryption to Eliminate Organizations' Application Performance Management Blind Spot

Latest Update Enables Companies to Monitor Application Performance Even as Encryption Workload Grows

SEATTLE, WA – June 6, 2011 – ExtraHop Networks, a leading provider of network-based application performance management (APM) solutions, today announced support for decryption and analysis of 2048-bit secure sockets layer (SSL)-encrypted application data. The new functionality eliminates the growing blind spot in organizations' security and application monitoring capabilities caused by the increased use of SSL encryption. Insight into this encrypted data is particularly important as the U.S. National Institute of Standards and Technology (NIST) recently advised that SSL certificates use 2048-bit RSA keys. However, few APM solutions are scalable and powerful enough to perform real-time SSL decryption without degrading overall network performance. With the ExtraHop Application Delivery Assurance system's hardware-driven 10Gbps analysis capabilities, organizations have the processing power necessary to decrypt and analyze SSL traffic for common cipher suites at the scale and speed required by today's enterprise networks.

More encrypted data and stronger encryption keys make software-driven SSL decryption increasingly untenable due to the significant drain in processing resources they require. In fact, according to the seventh edition of Palo Alto Networks' Application Usage and Risk Report, more than 40 percent of businesses' applications now are encrypted by SSL, making the transaction data for a substantial portion of applications invisible to network and application performance monitoring tools. Traditional software-driven SSL decryption cannot keep up with this growing workload. The ExtraHop system is different, using advances in hardware to decrypt and analyze SSL-protected data at speeds of up to 10Gbps.

With this latest update, the ExtraHop system supports real-time decryption and analysis of SSL traffic, including SSLv3; TLS 1.0; SSLv2 handshakes; RSA key exchanges; and RC4, AES, and 3DES symmetric ciphers. The system also supports SSL envelope analysis to determine which SSL certificates are being used, making it easy for organizations to determine if their SSL certificates are up to date according to the latest NIST recommendations. Private certificate keys used to decipher the SSL traffic are kept safe using internal encryption to ensure that the key is not transferred to other systems on an organization's network.

"If organizations can't see their network traffic data, they can't monitor the health of their applications. And with increased use of SSL encryption, gaining visibility into the data needed to ensure that business-critical transactions do not fail is harder than ever," said Jesse Rothstein, CEO and co-founder of ExtraHop Networks. "With this latest functionality, organizations can continue to use passive monitoring solutions in the most secure environments. Maintaining visibility into application transaction data is crucial for organizations wanting to keep their complex enterprise networks and application environments running smoothly."

The ExtraHop Application Delivery Assurance system is a real-time, passive network appliance that monitors and analyzes every business-critical transaction from L2 to L7 across network, web, database, and storage tiers, spanning physical and virtual environments. The ExtraHop system combines the troubleshooting capabilities of Network Performance Managers with the superior application-level visibility of User Experience Monitors to perform sophisticated network-traffic analysis. While many tools rely on legacy technologies such as NetFlow collection, SNMP polling, custom performance agents, or active service checks, the ExtraHop system performs full-stream reassembly and full-content analysis to extract and archive valuable performance and health metrics in a real-time datastore.

For more information about the capabilities of the ExtraHop system, visit http://www.extrahop.com/products/.

About ExtraHop

ExtraHop is the cybersecurity partner enterprises trust to reveal the unknown and unmask the attack. The company’s Reveal(x) 360 platform is the only network detection and response platform that delivers the 360-degree visibility needed to uncover the cybertruth. When organizations have full network transparency with ExtraHop, they see more, know more, and stop more cyberattacks. Learn more at www.extrahop.com

© 2023 ExtraHop Networks, Inc. Reveal(x), Reveal(x) 360, Reveal(x) Enterprise, and ExtraHop are trademarks of ExtraHop Networks, Inc.

Press Contact