ipoque GmbH, a Rohde & Schwarz company, announced new Secure Shell (SSH) metadata extraction capabilities for its acclaimed R&S PACE 2 deep packet inspection (DPI) engine.
These new enhancements enable its vendor customers to offer greater security for network services over unsecured IP networks, said the company.
Optimal use of the SSH protocol requires proper configuration of parameters to prevent and avoid potential vulnerabilities. R&S PACE 2’s new capabilities enable it to inspect and extract metadata, provide complete visibility into SSH connection security and detect/prevent vulnerabilities that could be exploited by hackers and other malicious network intruders.
The latest release of PACE 2, 18.11.16, features an advanced SSH decoder that extracts metrics and measures such as the MAC algorithm, key exchange (KEX) algorithm, public keys, certificates and various other connection parameters. As a result, vendors of network equipment such as firewalls or secure SD-WANs can evaluate the strength of the security mechanisms implemented by the SSH protocol and apply policies to avoid misconfigurations that negatively impact the security of SSH connections. These include weak MAC hashing algorithms (such as MD5), short hashing values for MAC (such as 96 bits) or encryption algorithms with known issues (such as RC4).
Alexander Muller, Senior Product Manager, ipoque DPI Technologies
There’s no alternative to actually monitoring all network traffic and ensuring it meets rigorous security standards. By providing greater visibility into SSH traffic and communications, R&S PACE 2 enables security vendors to apply rigorous security policies and offer higher levels of security for corporate networks to differentiate their offerings from competing products.
