TLS 1.3 — Its Benefits Are Real, but So Are the Drawbacks

Haider Jarral, Technical Marketing Engineer | July 25, 2019

I’ve always wondered if Sir Timothy John Berners-Lee, the inventor of the World Wide Web, would have put more emphasis on security if he knew how pervasive the internet would become across all aspects of our personal and business lives.

There is a critical need for better security as larger volumes of sensitive data flow over the web. Just as living creatures have evolved to adapt to challenging conditions, security technologies must also adapt to new, more risky environments.

In terms of evolving internet security, TLS 1.3 (Transport Layer Security) has been talked about for many years in the network and security domains. The relatively long timeline of five years from inception to release reveals just how much time and effort has been put into refining and ratifying this standard. Very simply put, TLS 1.3 will become the de facto security standard for all communication over the internet.

The development of TLS 1.3 focused on two main enhancements: faster speeds and stronger security. What does TLS 1.3 mean for end users and the NetOps and SecOps professionals responsible for network performance and security? 

For Users 

Users can upgrade to TLS 1.3 with a click of a simple “update” button in their browser. Other than that, the transition is mostly transparent to the end user. Users will benefit from faster and more secure browsing. The performance improvement may not be noticeable to the naked eye since it’s a 100ms improvement in the handshake. Over time, however, users will enjoy better connections and faster browsing without needing other upgrades to their internet services.

For NetOps Teams

Wearing a NetOps hat means having responsibility for creating “an agile, scalable and programmable infrastructure capable of delivering business-critical applications and services rapidly and efficiently.” [1]

In practical terms, this means NetOps teams work to ensure the network runs fast and stays secure even as new standards, tools and applications are added to the mix.

While enabling TLS 1.3 as a de facto standard in your organization may be as simple as adding TLS 1.3 under application or web settings, troubleshooting encrypted content may become more difficult. For example, you can no longer identify, control or log which sites users are going to. [2]

As a workaround, you can disable certain fields like Server Name Indication (SNI) to keep some visibility, but this means losing the full benefits of TLS 1.3. Standard network troubleshooting techniques may not be efficient and manual intervention may be required.

These challenges can be partially overcome by using third-party tools, which show unencrypted traffic, but this can bring additional issues — decryption is very resource-intensive and tools at the edge still can’t decrypt east-west traffic.  

For SecOps Teams 

Nothing makes a SecOps team happier than hearing that their organization will become more secure, especially without extra effort on their part. Yet TLS 1.3 is a double-edged sword. While TLS 1.3 brings lots of security benefits by disabling weak ciphers and using forward secrecy, it also makes it harder for SecOps teams to monitor malware or phishing attacks.

For example, strongly encrypted content presents formidable blind spots for security analysis tools. As a result, they cannot see all the traffic traversing the network, which can lead to long dwell times and increased damage.

Just like new types of security protection, threats also evolve to take advantage of new security loopholes. To detect and remediate threats as quickly as possible, SecOps teams must ensure that they and their tools get a complete view of all traffic on the network (not just a percentage).

The TLS 1.3 Bottom Line

What does TLS 1.3 mean to you as a NetOps or SecOps professional? The bad news is that you can’t just sit back and reap the benefits of better network security as TLS 1.3 rolls out. The good news is that there are things you can do to facilitate the transition that will make your organization much more secure than before.

As mentioned above, decryption can be done at the individual tool level, but this approach has drawbacks — it’s resource-intensive and each tool receives only a subset of network traffic. For example, edge devices like firewalls can see only north-south traffic.

A centralized decryption solution, capable of decrypting all TLS 1.3-encrypted traffic — without violating privacy regulations — and sending compliant traffic to the relevant tools, is a better approach. This approach also frees up tool resources, so they can perform their core tasks more efficiently. A single solution can also serve the purposes of NetOps and SecOps teams so both groups benefit without overlapping investments or adding complexity to the network.

Figure 1. A centralized decryption approach provides visibility into both north-south and east-west traffic and frees valuable tool resources.

Centralized Decryption — It’s Available Today

Gigamon SSL/TLS Decryption enables SecOps, NetOps and applications teams to obtain complete visibility into SSL/TLS traffic regardless of protocol or application. Learn more by reading “Defending the Digital Enterprise” and our feature brief.

Citations

  1. “What Is NetOps?” TechTarget. Accessed July 18, 2019. https://searchnetworking.techtarget.com/definition/NetOps.
  2. Conran, Matt. “Can TLS 1.3 and DNSSEC Make Your Network Blind?” Network World. IDG. December 20, 2018. Accessed July 18, 2019. https://www.networkworld.com/article/3329858/can-tls-13-and-dnssec-make-your-network-blind.html.