Many Internet firewall managers are facing a quandary when it comes to filtering Internet content for users. As more and more web sites use secure connections it is becoming a question how to filter these connections. If a web site is using a secure connection via an address such as https:// there are limited ways to securely inspect the content of the data packets.
One method commonly used today is similar to a man-in-the-middle attack. The firewall breaks the security of each packet and inspects the contents then re-secures the packet. There are a couple of issues with this method.
The first is a question of security and privacy. By breaking the security and inspecting the packet all sorts of private information is now available in clear text. This information could include personal data such as social security numbers, or passwords, or banking data. This does not follow best practices.
The other problem is that this method is very resource intensive so it will cause the firewall processor to work very hard. This can cause a slow-down of not only the secure data, but it can also slow down all of the other traffic traversing the firewall. This could lead to speeds not reaching advertised rate, and that is very critical with so many businesses relying on cloud connectivity, today.
Calyptix in the line of AccessEnforcer unified threat management appliances has developed a unique method. With the release of operating system 3.1.16 they are now allowing and disallowing connections based on reputation of the sending server. This immediately remedies the issues of breaking the security of the packet as well as increases the traffic throughput speed.
Of course this is all very intricate and complicated. If you would like to explore the methods Calyptix is using to apply this type of filtering feel free to reach out to a Lotus engineer to discuss more.
Important announcement. Coming up in the next few weeks Lotus Management Services is going to introduce a limited-time opportunity to trade-in your current firewall for a new Calyptix AccessEnforcer unified threat management appliance for free including software and setup. We will release more details about this exciting program very soon.