What Is Encrypted Traffic Analytics and Why Should You Care?
By now you’ve probably heard that Cisco’s new, intent-driven network brings you the capability to monitor encrypted network traffic for malware, without decrypting it. But maybe you aren’t clear on just what that means or why it matters.
Simon Blissett, writing on Cisco’s Financial Services blog channel, explains it very well in non-techie language:
Think of data packets like your suitcases when you fly around the world. If you don’t want anyone else to see in your case, you lock it with a big padlock. However, airline security needs to know what is in the case to keep everyone safe but doesn’t want to open every locked case. So it uses scanners to check that the suitcase doesn’t contain guns, liquids etc. without having to open the case. [Encrypted Traffic Analytics] does the same with encrypted network traffic – analyzes it for malware without opening the packet.
…[T]his is a major step forward. Customers and third parties are increasingly interacting with us using encrypted messages – especially as everyone is worried about privacy and data security. Now customers and third parties can continue to act in this way while the organization can ensure that this increased privacy and security does not come at the expense of their network integrity or cyber security – no hidden malware sneaking in under the cover of encrypted traffic.