t cht lk
TECH TALK
Bryan Hamman, Territory Manager for Sub-
Saharan Africa at NETSCOUT Arbor
is to prevent so-called ‘Man In The
Middle’ (MITM) attacks, ensuring that
an intermediate device that attempts to
decrypt the flow cannot intercept data
between the client and server.
“TLS is the encryption mechanism used within
enterprise networks and over the public
Internet and is a critical Internet security
protocol. TLS is used to secure data as it
is transmitted between web browsers and
servers. IP-based protocols like HTTPS, SMTP,
POP3 and FTP all support TLS for encryption.
“TLS 1.2 became the web’s standard in
2008. Since then, hackers have discovered
several vulnerabilities that have resulted in
some high-profile cyberattacks over the last
few years. TLS1.3 should assist in this regard
– it replaces TLS1.2 and became an official
standard in August 2013.”
Describing it as ‘a major revision designed
for the modern Internet’, the Internet
Engineering Task Force (IETF) noted
that the TLS1.3 update contains ‘major
improvements in the areas of security,
performance, and privacy’ and will make
it harder for eavesdroppers to decrypt
intercepted traffic. One of the major
drivers in the design of the new protocol
was the mass surveillance of Internet
communications by the US National Security
Agency (NSA), as revealed in 2013 by
Edward Snowden .
68
INTELLIGENTCIO
Work on TLS1.3 began in April 2014 and
was on its 28th draft before it was finally
approved in March 2018. Since then, up
until August 20, 2018, engineers have been
checking it to make sure that nothing in
TLS1.3 will cause any major problems. They
are now confident that there are no security
holes in the algorithms used in TLS1.3, while
the same cannot be said for 1.2.
“TLS 1.3 dictates that Perfect Forward
Secrecy (PFS) must be used – enhancing
the confidentiality of our communications
– but it makes us re-think our mechanisms
for dealing with another set of problems,
including mechanisms for detecting and
mitigating some forms of DDoS attack,”
said Anstee.
“The latest NETSCOUT Arbor Worldwide
Infrastructure Security Report (WISR)
confirms attacks targeting encrypted web
services have become increasingly common
in recent years.
www.intelligentcio.com