Secure access service edge provider Cato Networks today announced it added transport layer security inspection capabilities to its SASE platform to enable customers to inspect TLS traffic more easily and quickly.
Cato Safe TLS Inspection is part of the Cato SASE Cloud Platform, and it provides customers will the ability to fully inspect TLS traffic flows — which only 45% of 2,500 Cato customers currently do, Cato found in its Q3 Cato CTRL SASE threat report. Just 3% reported to Cato that they inspect all relevant sessions, which represents a significant risk to end users and data, the company says. The latest CTRL SASE Threat Report found that organizations that enable TLS inspection blocked 52% more malicious traffic than organizations without TLS inspection.
“TLS inspection is essential for keeping harmful content out of company networks. But many organizations hesitate to enable it, worried about operational slowdowns or legal challenges tied to inspecting encrypted traffic,” wrote Andrea Napoli, product marketing manager at Cato Networks, in a blog explaining the news and survey results. “By skipping TLS inspection, they unknowingly leave their networks exposed, unable to detect and secure a growing volume of potentially malicious traffic hidden within encrypted channels.”
TLS inspection technologies intercept and decrypt TLS traffic to check for malicious content or vulnerabilities. It then re-encrypts the traffic and forwards it to its destination. The capabilities help identify malware, data exfiltration, and other malicious traffic, and they also help ensure security compliance and the integrity of data in transit. This type of TLS inspection across all traffic flows can become burdensome for network and security teams, according to Cato, which is looking to simplify the process and enable customers to perform TLS inspection without disrupting business applications.
“IT security vendors continue to tout new capabilities and functionality, but if leveraging those capabilities is too difficult or complicated for enterprises, then what good are they?” said Shlomo Kramer, co-founder and CEO at Cato Networks, in a statement. “Safe TLS Inspection embodies that philosophy, enabling enterprises to take advantage of the full power of the SASE platform painlessly.”
With more than 90% of web communications using encryption, it is critical companies can safely inspect all traffic without missing blind spots. The new capabilities can automatically identify applications and domains safe for inspection, eliminating the need for bypass lists. Safe TLS Inspection also enables automated deployment, applying configurations with a few clicks based on best practices, the company says. Safe TLS inspection provides visibility into cloud traffic, enabling security teams to:
- Reduce the attack surface by uncovering hidden threats in encrypted traffic.
- Prevent sensitive data loss by gaining full visibility into cloud application traffic.
- Eliminate manual configurations and ongoing maintenance required by TLS inspection solutions.
- Automatically recommend inspection bypass rules for applications and domains pertaining to specific sectors.
- Secure cloud applications while delivering compliance-driven data protection and enhanced security for remote and hybrid workforces.
Cato SASE Cloud Platform runs on a private global backbone of more than 90+ points of presence (PoP) connected via multiple SLA-backed network providers. The PoPs software continuously monitors the providers for latency, packet loss, and jitter to determine in real-time the best route for every packet. Cato applies optimization and acceleration to all traffic going through the backbone to enhance application performance and the user experience. To ensure all locations benefit, Cato optimizes traffic from all the edges and toward all destinations, on-premises and in the cloud.
Cato Safe TLS Inspection is available now to all customers globally at no additional charge as part of the Cato SASE Cloud Platform.
Source:: Network World