AISVA(Application Insight SSL Visibility Appliance) is a product that provides visibility for SSL traffic. It addresses security blind spots and enhances the performance of security equipment, providing full SSL encryption and decryption performance.
What is SSL?
-
- SSL is a type of encrypted communication. To be exact, it is a communication method that offers security for the user and the website that they access through their browser. However, it is difficult to solidly deal with the ever-evolving cyberattacks with SSL encryption as the only method. The bigger problem is that the means for introducing attacks through encrypted traffic are steadily increasing. According to Gartner, a predicted 50% of cyberattacks will be encrypted, as will 80% of all APT attacks in the future.
What is AISVA?
-
- AISVA (Application Insight SSL Visibility Appliance) supports Inline/mirroring mode deployment without influencing pre-existing security equipment. It completes a tight security system by providing bidirectional encryption and decription for servers and clients and combining SSL-based traffic (HTTPS, SMTPS, POP3S, and others) with industry-leading performance and SSL acceleration cards, allowing for the processing of 2048bits authentication certificates.
The Limitations of Present-Day Security Products
-
-
-
- Currently, the majority of security solutions are missing basic decryption functions. According to research from Gartner, only 20% of security devices in the market are capable of decrypting SSL traffic. Even the minority that is capable of decryption is said to deteriorate to 80% of full security in the process of said decryption. Therefore, SSL visibility appliances are now necessary in order to use SSL encrypted communication safely—as it allows you to monitor traffic without obstructing traffic processing.
-
-
Characteristics of AISVA
-
-
-
- Compatible with various encryption algorithms
- TLS1.0/TLS1.1/TLS1.2/SSL3
- Operation alongside various security measures such as IPS, IDS, and F/W
- Visibility also offered for IPv4 and IPv6 webs
- Network and SSL traffic monitoring
- Bypass function in case of hardware malfunction
- Real time monitoring
- Bidirectional en/decryption
- Multiple administrator function
- Compatible with various encryption algorithms
-
-
Active Inline Mode(Inbound/Outbound Configuration Compliant)
- Most commonly used operation mode
- High velocity decryption towards encrypted traffic, sending the data to security equipment and at the same time supports security equipment through inline connection
Passive Inline Mode(Inbound/Outbound Configuration Compliant)
- Sends decrypted traffic to security systems configured out of path
- Security system receiving decrypted traffic is connected to AISVA’s Passive Port
- Simultaneously run Active and Passive Inline modes
Passive Mirror Mode(Inbound Configuration Compliant)
- Sends decrypted traffic to security systems configured out of path
- Security system receiving decrypted traffic is connected to AISVA’s Passive Port
- AISVA will be configured as Mirror, not Inline—receives and decrypts mirrored traffic
SSL Termination Mode(Inbound Configuration Compliant)
- Minimizes changes to current network configuration settings
- En/decrypts SSL traffic while connecting current network configuration through inline
* All models are equipped with an SSL accelerator card.
* SSD is an option available for selection.
* 1: Tested under the following conditions
- SSL version: TLSv1.2
- Key size: 2048 bit
- Cipher suite: AES128-SHA