Chengdu Shuwei Communication Technology Co., Ltd.
Your Network Visibility Solution One-stop Provider!
Add to Cart
Network Taps Threat Insight of HTTP SSL and TLS Protocol Monitor Cyber Security
Background
In the early days of accessing the web, we used the HTTP protocol, which used clear text when transferring data. Clear text transfer brought the following risks:
1. Information interception risk, and the third party can obtain the communication content
2. Risk of information tampering. The third party may tamper with the content of the communication
3. Identity impersonation risk. The third party can impersonate the identity of others to participate in the communication
To address the risks of plaintext transmission, netscape designed SSL for the Web as a secure transport protocol in 1994, which is the origin of SSL.The IETF standardized SSL and published the first edition of the TLS standard document in 1999.This was followed by RFC 5246 (August 2008) and RFC 6176 (March 2011).This protocol is widely used in the web.
Your network is under Attack? The Mainstreaming of Cybercrime happen everyday.
Take control and solve problems faster;
Experience Next Generation Visibility and Troubleshooting;
Achieving Service Assurance across Multi-Cloud Environments;
Smart Security is Here!
Contact our team today, see what the others can't, let's be a partner, we are here to accelerate Your NFV Journey!
SSL/TLS Protocol
TLS (Transport Layer Security) and its predecessor, SSL (Secure Sockets Layer), are Security protocols designed to provide Security and data integrity for Internet communications.
The TLS protocol USES the following three mechanisms to provide secure transmission for information communication:
1. Confidentiality. All communication is transmitted through encryption
2. Identity authentication shall be conducted through certificates
3. reliability, through the verification of data integrity to maintain a reliable security connection
Working Mechanism:
The TLS protocol consists of two parts, including (TLS Record Layer,TLS handshake protocol)
Record Layer:
Provide a header for each Message and generate a hash value from Message Authentication Code (MAC) at the end, where the header consists of 5 bytes, namely protocol description (1bytes), protocol version (2bytes) and length (2bytes). The length of protocol information following the header shall not exceed 16384bytes.
Handshake Protocol:
Starting a secure connection requires the client and server to repeatedly establish a handshake.A
TLS handshake goes through the following steps:
The SSL Handshake Protocol goes through the following steps:
3. 100G Data Acquisition, Data Capturing and Switch Service Card/Module Network Taps
| Component type | Product Model | Basic Parameter | Remarks |
| Service card | NT-TCA-SCG10 | 100G exchange card,10*QSFP28 interface | Choose according to actual business needs |
| NT-TCA-CG10 | 100G service card,10*QSFP28 interface | ||
| NT-TCA-XG24 | 10G service card,24*SFP+ interface | ||
| NT-TCA-RTM-CG10 | 100G RTM card,10*QSFP28 interface | ||
| NT-TCA-RTM-EXG24 | 10G RTM card,24*SFP+ interface | ||
| TCA Visibility Embedded software system | NT-TCA-SOFT-PKG | must |