AUTHORS: Devon James, Michael Shirley, Tim Otto
The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols form the foundation of e-commerce security, verifying the authenticity of websites, encrypting the transfer of sensitive data, and ensuring the integrity of exchanged information. The goal of SSL is to prevent cybercriminals from reading and modifying any information transferred between two systems. It does this by using encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection.
Hypertext Transfer Protocol Secure (HTTPS) has risen significantly over the past few years. Web browser-based applications and search engines are enabling SSL by default as a result of privacy and security concerns.
Today’s NGFW security products offer SSL inspection capabilities in order to look inside the secured tunnel, check for threats, and block them. This technique is key for protecting users and networks from threats that use HTTPS to bypass security defenses.