t cht lk
TECH TALK
///////////////////////////////////////////////////
RE-THINKING DDOS
DEFENCES FOR ENCRYPTION
TECHNOLOGY TLS1.3
According to NETSCOUT Arbor, the arrival of TLS1.3,
the latest advance in encryption technology, is going to
require a re-think of certain mechanisms for detecting
and mitigating some forms of Distributed Denial of
Service (DDoS) attacks.
D
arren Anstee, Chief Technology
Officer, NETSCOUT Arbor, says
certain advances in encryption
technology, including the latest version of
the Transport Layer Security (TLS1.3), can
make identifying and blocking some threats
more difficult.
He clarifies that, while encryption is an
extremely valuable tool in any security
arsenal – enabling users to ensure privacy
when online or making mobile calls, and
facilitating the secure storage and exchange
of data, including personal information
www.intelligentcio.com
– it is simultaneously not a solution to all
security issues, as it can be used to ill effect
in ransomware.
“Many network-based threat and fraud
detection solutions have historically relied
upon transparent, passive decryption of
encrypted sessions via access to the server
private key(s); with the introduction of TLS
1.3 this is not as simple,” said Anstee.
Bryan Hamman, Territory Manager for
Sub-Saharan Africa at NETSCOUT Arbor,
added: “One of the key aims of encryption
“
TLS IS USED
TO SECURE
DATA AS IT IS
TRANSMITTED
BETWEEN WEB
BROWSERS
AND SERVERS.
INTELLIGENTCIO
67