Protect Your Business Against Malware with Deep Packet Inspection

by Amy Hitchmough on 07 Nov 2016

Deep Packet Inspection

The online world is always changing and our SysGroup Plc are constantly seeing new threats. To combat such issues we provide innovative solution and support to help make browsing online as safe as possible for our clients. This includes the introduction of HTTPS Deep Packet Inspection, delivered by SysGroup Plc through our WatchGuard Services.

Deep Packet Inspection (DPI) may sound rather complicated, but it is essentially a filter designed to examine if there are any viruses, spam or generally harmful elements hidden on a website by hackers to access personal or financial information.

Making sure your Internet is fully secure is now a daunting task for any business and DPI is becoming increasingly important, as previously secure technologies are being targeted including the world recognised HTTPS protocol.

In 1994 Hypertext Transfer Protocol (HTTP) was introduced to protect online users when shopping online by using a form of encryption that protected our data from being intercepted.  The added ‘S’ indicated security. Hackers have now discovered that HTTPS is tailor made for cloaking their cyber-attacks.

What is HTTPS?

HTTPS is a protocol over which data is sent between your browser and the website that you are connected. Signified by a lock before the website URL, this indicates HTTPS is present on a website, and previously meant your data was being better protected.

To have a robust HTTPS connection, an SSL certificate from an approved and trusted source is also required.

Known as Secure Sockets Layer (SSL) Encryption, this technology has been embraced by many businesses – providing more privacy and security for organisations and individuals using the Internet to communicate and transact business. However, this same technology is now being used by cyber attackers taking advantage of SSL to hide their malware.

What is an SSL certificate?

SSL certificates are small data files that digitally bind a cryptographic (a secure method of storing and transmitting data) to an organisation’s details, which can be purchased and installed on a web server. It activates the padlock and the HTTPS protocol and allows secure connections from a web server to a browser.

In nearly half of cyber-attacks in the past 12 months malware has been sneaked into organisations under the cover of encryption, a study has revealed.

Cyber criminals are using HTTPS to bypass the cutting-edge firewalls, sandboxing technologies and behaviour analytics tools designed to detect and neutralise malicious traffic. The good news is there is technology on the market that can look one level deeper into the network traffic to spot malicious or suspicious HTTPS content. This is called HTTPS Deep Packet Inspection and WatchGuard are one of the companies that can deliver this to you.

HTTPS DPI is a form of computer network packet filtering that examines the data part of a packet as it passes and inspection point, searching for protocol non-compliance, viruses, spam and intrusions.

Small and mid-sized businesses should begin looking into adding HTTPS protection. WatchGuard firewalls have the capability to turn on HTTPS Deep Packet Inspection. The Firebox or XTM device can decrypt HTTPS traffic to inspect content, then encrypt again with a new certificate.

If you would like more information on WatchGuard products please contact WatchGuard’s UK Platinum Partner, SysGroup Plc on 0333 101 9000 (option 1) or email hello@sysgroup.com 

 

Thanks for reading all the way to the end!
We'd love 'it' if you shared this article.

Looking for support?

Installing, maintaining and configuring a Watchguard Product.

Expert Configuration, Emergency 24/7 Support

Help Me

Not sure what to choose?

Firewall, Unified Threat Management (UTM), Wireless and Virtual Solutions.

Help me Choose

Show Me
Contact Us