Memorial Day weekend is one of the most traveled weekends in US. As like everyone else I was out with the family for a trip to one of the most beautiful national parks in Texas the Big Bend National park. The most visible sign along the way were the deer signs. They reminded me of some other signs quite visible in North America elsewhere.
Chances are if you live in north western US or in Canada you have heard about the world’s largest deer the Moose and seen these road signs!! In fact Moose is a famous animal it’s the official state animal of Maine. The word “moose” comes from the Algonquin word for “twig eater.”
The moose can be found across all Canadian provinces and territories and in 15 US states, with Alaska having 1 moose for every 6 Alaskans. Bottom line, they are there and their population is increasing and sooner or later you will run into one these giant animals.
You must be thinking why I am getting a lesson in moose habitat and about moose on a technology blog for Trend Micro™ TippingPoint. Turns out that network security and moose share a very common trait “blind spots.” Because a moose’s eyes are on the sides of its head, it has a blind spot in front and often can’t see an oncoming vehicle until it’s too late. It’s been the cause of a lot of serious accidents. Similarly a lot of enterprises today are not fully prepared for securing or managing their blind spot “SSL traffic” into the network. Because SSL has traditionally been beyond the reach of network security systems it has become a serious security blind spot. A much higher proportion of network traffic is now encrypted, and so SSL decryption is now an indisputably crucial component of network security. One of the reasons why it’s rarely found in standard security systems is because of the processor intensive calculations and algorithms required and finally the performance impact that has on the performance of the in-line network security infrastructure like and intrusion prevention system. There are a lot of solutions that allow enterprise to offload SSL traffic to another box to save performance and processing. That leads us to another critical challenge, adding another standalone box in the network which could potentially be a point of failure.
TippingPoint is announcing the general availability of its Threat Protection System 2200T which brings the on-box SSL decryption capability to the TPS. In addition to the on-box SSL functionality the 2200T also includes the following: