Ram Krishnamurthy is a Senior Product Management professional with over 20 years of industry experience building mission critical products and solutions across various verticals including software, telecommunication... Read More
July 14, 2020
Be Proactive Against Threats in your Network with Fidelis Decryption
Network Detection & Response is the latest trend in network-based cybersecurity. NDR culminates years of research and software development to bring together the basic elements of security requirements: Detection and Response. Fidelis has mastered these two requirements over the years. Most recently, Fidelis Decryption™ is a new product that was launched as a proactive capability to give visibility into hidden threats in an enterprise’s network traffic.
As we’ve seen in this white paper on Network Detection & Response, perhaps the most important aspect of NDR is to determine security gaps in an organization’s environment and to correct the security posture before an attack occurs. One proactive capability is Fidelis Decryption.
Some NDR solutions offer encrypted traffic pattern analysis capability without decrypting to detect some aspect of malicious behavior on the network. These detections can be valuable, but the lack of full visibility reduces the effectiveness of NDR because you can’t detect and respond to what you cannot see. The analyst is left to peruse log files to attempt to understand how the attack started, the scope of the compromise, and what data was stolen.
Decryption of TLS is thus an essential tool in NDR. Decryption expands the amount of traffic that can be inspected by NDR which permits Fidelis NDR to capture metadata on the HTTPS session and inspect certificates to ensure they are valid. The Fidelis TLS Decryption appliance provides Man-in-the-Middle (MITM) decryption of TLS traffic to expose application protocol traffic and content to the enterprise security team for threat detection and response.
Key Benefits of Fidelis Decryption
Fidelis Decryption is the only solution that, when deployed with our award-winning Fidelis Network, can extract the TLS session metadata as well as the decrypted application protocol and content. Other benefits include increased ROI on existing security investments, blind spots removed by decrypting traffic, improved performance of existing appliance by offloading decryption, and comprehensive protocol and cipher support.
Operational efficiency is gained by NDR, and proactive capabilities are just one part of the critical components in detecting and responding to your most advanced threats. To learn more about NDR, read our white paper on demystifying NDR and how Fidelis has been a leading provider of Network Detection & Response solutions for years. Still have more questions? Reach out to us.
See Fidelis platforms in action. Learn how our fast, scalable Fidelis Elevate and Fidelis CloudPassage Halo platforms provide deep insights into the SOC to help security teams worldwide protect, detect, respond, and neutralize even the most advanced cyber adversaries.