Network Monitoring is Dead? What Now? TLS, QUIC and Beyond

At the recent RSA Conference, I had the honor of moderating an impressive panel on the hot topic of TLSv1.3 adoption. Network Monitoring is Going Away…What Now? TLS, QUIC and Beyond was the result of the panelists’ and my interest in further opening up the path forward for adoption debate outside of the Internet Engineering Task Force (IETF). The goal was to surface the concerns and solutions related to network management and monitoring as we move to an Internet with increased use of stronger encryption.  Soon after RSA Conference 2018 I also presented this topic at Dell Technologies World 2018, “Technology Advancements: The Balance Between Encryption and Management”. I gleaned additional insights from attendees who operate and manage large networks, both private and service provider networks.  The feedback from these two audiences is included in this, the first of a short blog series on TLSv1.3 adoption. Subsequent blogs will dive deeper into the topics for consideration as you think about the next steps for your network and plan for the changes toward increased deployment of encryption, as well as improved protection against interception.

The panel debate was quite interesting as it surfaced both security and manageability concerns.  These concerns centered around the current practice of passive session interception for some network and security management tools with the push for stronger session encryption. There’s the obvious goal of session encryption to prevent pervasive monitoring and therefore, provide privacy and human rights protections for end users. This (Read more...)

*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Kathleen Moriarty. Read the original post at: http://www.rsa.com/en-us/blog/2018-05/network-monitoring-is-dead-tls-quic-beyond.html