SlideShare a Scribd company logo

SonicWall

N
NEOTD Tech Events .

SonicWall

Technology
1 of 15
DPI-SSL Deep Packet Inspectionover SSL PresentedbyNyallSheldon
© Copyright SonicWall You cannot stop what you cannot see What is an HTTPS connection?
THE ENCRYPTED THREAT
© Copyright SonicWALL TODAY’S MOST POPULAR WEBSITESARE ENCRYPTEDWITH TLS/SSL
© Copyright SonicWALL POPULAR PROXY/BYPASS APPS ARE ENCRYPTEDWITH TLS/SSL
© Copyright SonicWALL ATTACKSARE BEING DELIVEREDOVER TLS/SSL
© Copyright SonicWALL SSL/TLS Encryption 2015 2016 trillion 5.3 trillion 7.3 SSL/TLS Total Hits GROWTH 38% 2014 2015 trillion 88 trillion 118 GROWTH* 43% 2016 trillion 126 Cloud Application Total Usage *since 2015 SSL/TLS-encrypted traffic grew by 38 percent, partly in response to growing cloud app adoption Source: 2017 SonicWall Annual Threat Report
© Copyright SonicWALL SSL/TLS Encryption of web connections were SSL/TLS- encrypted Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec HTTP HTTPS 8 7 6 5 4 3 2 1 0 WebConnectionsinBillions 2015 2016 Global HTTPS vs. HTTP Web Connections 62% Source: 2017 SonicWall Annual Threat Report
HOW SONICWALL DPI-SSL TECHNOLOGY HELPS CUSTOMERS DEFEAT ENCRYPTED THREATS
© Copyright SonicWall DECRYPT AND INSPECTENCRYPTEDTRAFFIC WITH DPI-SSL 1 Client initiates SSL/TLS handshake with server 2 NGFW intercepts request and establishes session using its own certificate in place of server 3 NGFW initiates SSL/TLS handshake with server on behalf of client using admin defined SSL/TLS certificate 4 Server completes handshake and builds a secure tunnel between itself and NGFW 5 NGFW decrypts and inspects all traffic coming from or going to client for encrypted threats 6 NGFW re-encrypts safe traffic and sends along to client and blocks encrypted threats SonicWall’s Deep Packet Inspection of SSL (DPI-SSL)
© Copyright SonicWALL CAPTUREATP(ADVANCED THREATPROTECTION) End User Internet SonicWall Firewall Download requests Malicious file File Verdict SonicWall Capture cloud service Capture database Capture file pre-process Capture multi- engine sandbox? ?   SonicWall GRID Data Center & Threat Research Team SSL Decryption Intrusion Prevention Gateway AV, Cloud AV CaptureATP Admin Instant malicious file notification/email Access file analysis reports, history MySonicWall portal File Verdict
© Copyright SonicWall MaximumDPIConnections 4K–200K375K–1.25M2.5M–10M Deep Packet Inspection Throughput Performance Enterprise / Data Center NSA Series Carrier / ISP SMB / Distributed Enterprise 50 - 3000 Mbps 3,500 - 12,000 Mbps TZ Series 40M+ Branch/Campus SuperMassive 9000 Series SuperMassive E10000 Series Firewall Sandwich Design 40,000 – 100,000+ Mbps SONICWALL NGFW FIREWALLLINEUP
© Copyright SonicWall Cluster of firewall blades configuration (Wiremode, NATed/routed) Firewall mode Security services Platform Dell F10 switches Throughput DPI-SSL throughput TCP connection per seconds Max. concurrent TCP connections Wiremode IPS + App Intelligence SM9400 (16 units) S5000, S6000 160Gbps (120Gbps for redundancy) 40Gbps 2.2 million 24 million IPS + App Intelligence SM9800 (16 units) S5000, S6000 320Gbps (240Gbps for redundancy) 80Gbps 4.5 million 40 million IPS, GAV, ASPY and Application Intelligence SM9800 (16 units) S5000, S6000 160Gbps (120Gbps for redundancy) 80Gbps 4.5 million 40 million NATed/routed IPS, GAV, ASPY and Application Intelligence SM9400 (16 units) + 4 X SM9800 S5000, S6000 120Gbps 40Gbps 1.1 million 12 million IPS, GAV, ASPY and Application Intelligence SM9800 (16 units) + 4 X SM10800 S5000, S6000 120Gbps 80Gbps 1.6 million 40 million HOW FAR DOES IT SCALE?
QUESTIONS?
THANK YOU

Recommended

Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101Jerod Brennen
 
Identity and Access Management
Identity and Access ManagementIdentity and Access Management
Identity and Access ManagementPrashanth BS
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkAlistair Pugin
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Payment Card Industry Security Standards
Payment Card Industry Security StandardsPayment Card Industry Security Standards
Payment Card Industry Security StandardsAshintha Rukmal
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS ComplianceSaumya Vishnoi
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT Center
 
Dragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos, Inc.
 

Recommended

Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101Jerod Brennen
 
Identity and Access Management
Identity and Access ManagementIdentity and Access Management
Identity and Access ManagementPrashanth BS
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkAlistair Pugin
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Payment Card Industry Security Standards
Payment Card Industry Security StandardsPayment Card Industry Security Standards
Payment Card Industry Security StandardsAshintha Rukmal
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS ComplianceSaumya Vishnoi
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT Center
 
Dragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos, Inc.
 
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access managementVandana Verma
 
ISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness TrainingISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness Traininghimalya sharma
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM ArchitectureNishanth Kumar Pathi
 
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032PECB
 
Microsoft Cybersecurity Solutions CISO.pptx
Microsoft Cybersecurity Solutions CISO.pptxMicrosoft Cybersecurity Solutions CISO.pptx
Microsoft Cybersecurity Solutions CISO.pptxQuang Anh Trinh
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
ISO/IEC 27032 – Guidelines For Cyber Security
ISO/IEC 27032 – Guidelines For Cyber SecurityISO/IEC 27032 – Guidelines For Cyber Security
ISO/IEC 27032 – Guidelines For Cyber SecurityTharindunuwan9
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesGreenway Health
 
GDPR and Security.pdf
GDPR and Security.pdfGDPR and Security.pdf
GDPR and Security.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security programWilliam Godwin
 
Passwordless Authentication
Passwordless AuthenticationPasswordless Authentication
Passwordless AuthenticationEnterprise Management Associates
 
Security management
Security managementSecurity management
Security managementDean Iacovelli
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyNetwork Intelligence India
 
Ngfw overview
Ngfw overviewNgfw overview
Ngfw overviewMotty Ben Atia
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 

More Related Content

What's hot

Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access managementVandana Verma
 
ISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness TrainingISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness Traininghimalya sharma
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032PECB
 
Microsoft Cybersecurity Solutions CISO.pptx
Microsoft Cybersecurity Solutions CISO.pptxMicrosoft Cybersecurity Solutions CISO.pptx
Microsoft Cybersecurity Solutions CISO.pptxQuang Anh Trinh
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
ISO/IEC 27032 – Guidelines For Cyber Security
ISO/IEC 27032 – Guidelines For Cyber SecurityISO/IEC 27032 – Guidelines For Cyber Security
ISO/IEC 27032 – Guidelines For Cyber SecurityTharindunuwan9
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesGreenway Health
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security programWilliam Godwin
 

What's hot (20)

Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices 
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access management
 
ISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness TrainingISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness Training
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
 
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
 
Microsoft Cybersecurity Solutions CISO.pptx
Microsoft Cybersecurity Solutions CISO.pptxMicrosoft Cybersecurity Solutions CISO.pptx
Microsoft Cybersecurity Solutions CISO.pptx
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access Management
 
ISO/IEC 27032 – Guidelines For Cyber Security
ISO/IEC 27032 – Guidelines For Cyber SecurityISO/IEC 27032 – Guidelines For Cyber Security
ISO/IEC 27032 – Guidelines For Cyber Security
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best Practices
 
GDPR and Security.pdf
GDPR and Security.pdfGDPR and Security.pdf
GDPR and Security.pdf
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
 
Passwordless Authentication
Passwordless AuthenticationPasswordless Authentication
Passwordless Authentication
 
Security management
Security managementSecurity management
Security management
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. Mookhey
 

Similar to SonicWall

Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 
SonicWALL Advanced Features
SonicWALL Advanced FeaturesSonicWALL Advanced Features
SonicWALL Advanced FeaturesDavid Perkins
 
SonicWALL - Skytek - VnPro.pptx
SonicWALL - Skytek - VnPro.pptxSonicWALL - Skytek - VnPro.pptx
SonicWALL - Skytek - VnPro.pptxssuser813dcd
 
Ssl Vpn presentation at CoolTech club
Ssl Vpn presentation at CoolTech clubSsl Vpn presentation at CoolTech club
Ssl Vpn presentation at CoolTech clubiplotnikov
 
DDoS Mitigation on the Front Line with RedShield
DDoS Mitigation on the Front Line with RedShieldDDoS Mitigation on the Front Line with RedShield
DDoS Mitigation on the Front Line with RedShieldSam Pickles
 
Streamline and Secure Your Network and Users
Streamline and Secure Your Network and UsersStreamline and Secure Your Network and Users
Streamline and Secure Your Network and UsersFrederik Lawson
 
PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...
PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...
PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...PROIDEA
 
Debunking the Myths of SSL VPN Security
Debunking the Myths of SSL VPN SecurityDebunking the Myths of SSL VPN Security
Debunking the Myths of SSL VPN Securityinside-BigData.com
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...BAKOTECH
 
GWAVACon 2015: GWAVA - Three dimensional security for Novell GroupWise
GWAVACon 2015: GWAVA - Three dimensional security for Novell GroupWiseGWAVACon 2015: GWAVA - Three dimensional security for Novell GroupWise
GWAVACon 2015: GWAVA - Three dimensional security for Novell GroupWiseGWAVA
 
Pxosys Webinar Amplify your Security
Pxosys Webinar Amplify your SecurityPxosys Webinar Amplify your Security
Pxosys Webinar Amplify your Security🏆Ruben Cocheno💭
 
Cisco Live Cancun PR Session
Cisco Live Cancun PR SessionCisco Live Cancun PR Session
Cisco Live Cancun PR SessionFelipe Lamus
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsNetworkCollaborators
 
Zscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacksZscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacksZscaler
 
The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation SecurityCybera Inc.
 
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityNetwork Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityEryk Budi Pratama
 

Similar to SonicWall (20)

Ngfw overview
Ngfw overviewNgfw overview
Ngfw overview
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)
 
SonicWALL Advanced Features
SonicWALL Advanced FeaturesSonicWALL Advanced Features
SonicWALL Advanced Features
 
SonicWALL - Skytek - VnPro.pptx
SonicWALL - Skytek - VnPro.pptxSonicWALL - Skytek - VnPro.pptx
SonicWALL - Skytek - VnPro.pptx
 
Ssl Vpn presentation at CoolTech club
Ssl Vpn presentation at CoolTech clubSsl Vpn presentation at CoolTech club
Ssl Vpn presentation at CoolTech club
 
DDoS Mitigation on the Front Line with RedShield
DDoS Mitigation on the Front Line with RedShieldDDoS Mitigation on the Front Line with RedShield
DDoS Mitigation on the Front Line with RedShield
 
Nas nie zaatakują!
Nas nie zaatakują!Nas nie zaatakują!
Nas nie zaatakują!
 
Streamline and Secure Your Network and Users
Streamline and Secure Your Network and UsersStreamline and Secure Your Network and Users
Streamline and Secure Your Network and Users
 
PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...
PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...
PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...
 
Debunking the Myths of SSL VPN Security
Debunking the Myths of SSL VPN SecurityDebunking the Myths of SSL VPN Security
Debunking the Myths of SSL VPN Security
 
Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
 
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
 
GWAVACon 2015: GWAVA - Three dimensional security for Novell GroupWise
GWAVACon 2015: GWAVA - Three dimensional security for Novell GroupWiseGWAVACon 2015: GWAVA - Three dimensional security for Novell GroupWise
GWAVACon 2015: GWAVA - Three dimensional security for Novell GroupWise
 
Pxosys Webinar Amplify your Security
Pxosys Webinar Amplify your SecurityPxosys Webinar Amplify your Security
Pxosys Webinar Amplify your Security
 
Cisco Live Cancun PR Session
Cisco Live Cancun PR SessionCisco Live Cancun PR Session
Cisco Live Cancun PR Session
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
 
Zscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacksZscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacks
 
The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation Security
 
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityNetwork Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information Security
 

Recently uploaded

New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 

Recently uploaded (20)

New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 

SonicWall

  • 1. DPI-SSL Deep Packet Inspectionover SSL PresentedbyNyallSheldon
  • 2. © Copyright SonicWall You cannot stop what you cannot see What is an HTTPS connection?
  • 4. © Copyright SonicWALL TODAY’S MOST POPULAR WEBSITESARE ENCRYPTEDWITH TLS/SSL
  • 5. © Copyright SonicWALL POPULAR PROXY/BYPASS APPS ARE ENCRYPTEDWITH TLS/SSL
  • 6. © Copyright SonicWALL ATTACKSARE BEING DELIVEREDOVER TLS/SSL
  • 7. © Copyright SonicWALL SSL/TLS Encryption 2015 2016 trillion 5.3 trillion 7.3 SSL/TLS Total Hits GROWTH 38% 2014 2015 trillion 88 trillion 118 GROWTH* 43% 2016 trillion 126 Cloud Application Total Usage *since 2015 SSL/TLS-encrypted traffic grew by 38 percent, partly in response to growing cloud app adoption Source: 2017 SonicWall Annual Threat Report
  • 8. © Copyright SonicWALL SSL/TLS Encryption of web connections were SSL/TLS- encrypted Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec HTTP HTTPS 8 7 6 5 4 3 2 1 0 WebConnectionsinBillions 2015 2016 Global HTTPS vs. HTTP Web Connections 62% Source: 2017 SonicWall Annual Threat Report
  • 9. HOW SONICWALL DPI-SSL TECHNOLOGY HELPS CUSTOMERS DEFEAT ENCRYPTED THREATS
  • 10. © Copyright SonicWall DECRYPT AND INSPECTENCRYPTEDTRAFFIC WITH DPI-SSL 1 Client initiates SSL/TLS handshake with server 2 NGFW intercepts request and establishes session using its own certificate in place of server 3 NGFW initiates SSL/TLS handshake with server on behalf of client using admin defined SSL/TLS certificate 4 Server completes handshake and builds a secure tunnel between itself and NGFW 5 NGFW decrypts and inspects all traffic coming from or going to client for encrypted threats 6 NGFW re-encrypts safe traffic and sends along to client and blocks encrypted threats SonicWall’s Deep Packet Inspection of SSL (DPI-SSL)
  • 11. © Copyright SonicWALL CAPTUREATP(ADVANCED THREATPROTECTION) End User Internet SonicWall Firewall Download requests Malicious file File Verdict SonicWall Capture cloud service Capture database Capture file pre-process Capture multi- engine sandbox? ?   SonicWall GRID Data Center & Threat Research Team SSL Decryption Intrusion Prevention Gateway AV, Cloud AV CaptureATP Admin Instant malicious file notification/email Access file analysis reports, history MySonicWall portal File Verdict
  • 12. © Copyright SonicWall MaximumDPIConnections 4K–200K375K–1.25M2.5M–10M Deep Packet Inspection Throughput Performance Enterprise / Data Center NSA Series Carrier / ISP SMB / Distributed Enterprise 50 - 3000 Mbps 3,500 - 12,000 Mbps TZ Series 40M+ Branch/Campus SuperMassive 9000 Series SuperMassive E10000 Series Firewall Sandwich Design 40,000 – 100,000+ Mbps SONICWALL NGFW FIREWALLLINEUP
  • 13. © Copyright SonicWall Cluster of firewall blades configuration (Wiremode, NATed/routed) Firewall mode Security services Platform Dell F10 switches Throughput DPI-SSL throughput TCP connection per seconds Max. concurrent TCP connections Wiremode IPS + App Intelligence SM9400 (16 units) S5000, S6000 160Gbps (120Gbps for redundancy) 40Gbps 2.2 million 24 million IPS + App Intelligence SM9800 (16 units) S5000, S6000 320Gbps (240Gbps for redundancy) 80Gbps 4.5 million 40 million IPS, GAV, ASPY and Application Intelligence SM9800 (16 units) S5000, S6000 160Gbps (120Gbps for redundancy) 80Gbps 4.5 million 40 million NATed/routed IPS, GAV, ASPY and Application Intelligence SM9400 (16 units) + 4 X SM9800 S5000, S6000 120Gbps 40Gbps 1.1 million 12 million IPS, GAV, ASPY and Application Intelligence SM9800 (16 units) + 4 X SM10800 S5000, S6000 120Gbps 80Gbps 1.6 million 40 million HOW FAR DOES IT SCALE?

Editor's Notes

  1. An HTTPS connection is a secure connection from the browser or application through the network and internet to the destination server or website. If you are NOT preforming sanctioned Man-In-The-Middle inspection, you cannot filter these HTTPS connections running through your firewall.
  2. Todays most popular websites are encrypted. If you are not inspecting HTTPS traffic there is a good chance users are getting around your CFS solution. These HTTPS websites could be unknowingly hosting malware
  3. Popular proxy and bypass apps are encrypted. These types of apps allow users to bypass CFS solutions and surf anonymously. Do you really know what users doing on your network with your current solution??
  4. Attackers are now using HTTPS to their advantage. They know that most people are not inspecting HTTPS traffic with their legacy firewall solutions. If you are not scanning HTTPS traffic you are putting your network at risk.
  5. - There was a 38% increase in SSL/TLS hits between 2015 and 2016. One reason for this increase is the growth in cloud application usage. - Google is also influencing the increase in HTTPS sites by driving search rankings to websites who use HTTPS rather than HTTP.
  6. 62% of web traffic running through your firewall will be encrypted. This number will continue to increase.
  7. With DPI-SSL in place. We can now inspect all SSL/TLS traffic flowing through the SonicWall. We can then block unwanted websites and applications while also scanning packets for malicious payloads.
  8. SonicWall Firewall File scanned by Gateway AV, Cloud AV, IPS services for known malware File mirrored to CaptureATP service for analysis. File hash, URI and verdict cached on firewall (File hash calculated from all file bits) Malicious file blocked if block till verdict enabled (HTTP/S only) SonicWall Capture cloud service Capture database checked for existing verdict Capture file pre-process checks AV aggregator, vendor/domain trust, file authenticode, presence of embedded code Capture sandbox platform executes file in up to 3 sandbox engines (SonicSandbox, Lastline, VMray) Verdict and behavior analysis result stored in Capture database, clean file deleted immediately. Malicious file sent to SonicWall threat team for further analysis, threat intel harvest. File deleted within 30 days MySonicWall portal Capture malicious file notification/email Capture subscription and notification Management Capture status and report access SonicWall GRID Data Center & Threat Research Team Malicious file analysis, threat intel harvest Gateway AV, IPS, Cloud AV signature updates created and submitted to Grid Network databases Malicious file deleted after analysis/signature
  9. - We offer a wide range of models to meet your throughput requirements