The Fast Mode spoke to Dmitry Kurbatov, co-founder and CTO of SecurityGen on new encryption technologies and their impact on today's networks. Dmitry joins us in a series of discussions with leading vendors in the traffic management, service assurance, traffic monitoring, analytics, policy control and network security space, assessing various attributes of encryption, its benefits as well as the challenges it poses, specifically loss of visibility that makes networking increasingly complex.
Tara: How does encryption affect network security?
Dmitry: Obviously, encryption is an essential tool for ensuring the security of network communications and protecting sensitive information from unauthorized access, interception, and tampering.
If an attacker is using encryption to hide his malicious activity on the network, detecting and monitoring his activity can be more challenging; but still, a combination of network traffic analysis, endpoint detection and response, intrusion detection and prevention, and behavioural analytics can help organizations detect and respond to security threats.
Tara: How does encryption affect telecom operators in managing their networks?
Dmitry: Encryption can have both positive and negative effects on telecom operators in managing their networks. On the one hand, encryption can enhance the security of the data transmitted over the network, which can help prevent unauthorized access and protect the privacy of users. Telecom operators can use encryption to secure sensitive customer data, such as personal information, financial transactions, and call records, from hackers and other cyber threats.
On the other hand, encryption can also pose challenges for telecom operators in managing their networks. Encrypted traffic can be difficult to monitor and analyze, which can make it harder to detect and respond to security threats or network performance issues. In addition, some encrypted traffic can use more bandwidth and resources, which can impact the overall performance of the network.
Telecom operators need to balance the benefits of encryption with the challenges it poses in managing their networks. They can use various tools and techniques, such as traffic analysis and deep packet inspection, to monitor and analyse encrypted traffic and ensure the security and performance of their networks.
Tara: What are some of the means telecom operators can adopt to gain visibility into encrypted traffic?
Dmitry: For telecom networks, gaining visibility into encrypted traffic can be a challenge due to the high volume of traffic and the need to maintain high network performance. However, telecom operators can use specialized tools such as deep packet inspection (DPI) to analyse the network traffic and identify any malicious activity even if the traffic is encrypted. They can also implement techniques such as SSL/TLS interception, which involves intercepting and decrypting the encrypted traffic to inspect it for any malicious activity before re-encrypting it and forwarding it to the destination. Another approach is to use machine learning algorithms to detect anomalous behaviour within the encrypted traffic patterns. These techniques can help telecom operators to gain better visibility into encrypted traffic and enhance the security of their networks.
This interview is a part of The Fast Mode's Real-time Visibility for Encrypted Traffic segment, featuring 34 leading IP networking solution providers and their views on the impact of encryption on traffic visibility. A research report on this topic will be published in March 2023 - for more information, visit here.
