Cost of End-To-End Encryption

Cost of End-To-End Encryption (Lack of Intrusion Detection / Prevention in Encrypted Traffic)

End-to-end encryption has a cost. Intrusion Detection and Prevention Systems (IDS and IPS) cannot analyze traffic they cannot read, so an attack carried inside an encrypted session passes through the IDS / IPS uninspected. The practical compromise is to keep the traffic encrypted as close to the Destination Server as possible and to terminate the encryption only once the traffic is inside the secure site, where it can be decrypted and inspected by the Firewalls, IDS and IPS devices before it reaches the Destination Servers.

Most IDS and IPS sensors do not decrypt and re-encrypt traffic themselves; that job is done by a TLS-terminating proxy, load balancer or dedicated decryption appliance placed in front of them, which hands the sensor a cleartext copy of the session. Either way, the segment between the decryption point and the Destination Server (the last mile, where the IDS / IPS is set up) carries cleartext and is exposed to data sniffing, and the decryption point itself holds the server's private key (or an internal CA used to re-sign connections), which makes it a high-value target. That risk is usually much lower than the risk of malicious traffic reaching your Destination Servers unchecked, and it can be reduced further by physically securing the DC, segregating the last-mile communication into a separate VLAN, turning off port mirroring on the switch ports of the VLANs concerned and, where the proxy supports it, re-encrypting toward the server after inspection so that only the sensor's tap ever sees cleartext.

References:

http://searchsecurity.techtarget.com/magazineContent/Data-Encryption-and-IDS-IPS-Getting-a-better-view-of-network-activity


Network Connection Monitoring


NetWorx is a simple and free, yet powerful tool for measuring your bandwidth consumption. You can use it to collect bandwidth usage data and measure the speed of your Internet or any other network connection. NetWorx can help you identify possible sources of network problems, ensure that you do not exceed the bandwidth limits specified by your ISP, or track down suspicious network activity characteristic of Trojan horses and hacker attacks.

The program allows you to monitor all your network connections or just a specific network connection, such as Wireless or Mobile Broadband. The software also features an array of highly customisable visual and sound alerts. You can set it up to alert you when the network connection is down or when some suspicious activity — such as unusually heavy data flow — occurs. It can also automatically disconnect all dial-up connections and shut the system down.

The incoming and outgoing traffic is represented on a line chart and logged into a file, so that you can always view statistics about your daily, weekly and monthly bandwidth usage and dial-up duration. The reports can be exported to a variety of formats, such as HTML, MS Word and Excel, for further analysis.
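The alerts described above (a hard rate limit, an "unusually heavy data flow" spike and an ISP usage cap) reduce to a small amount of counter arithmetic. The following is an added example, not part of the original page and not NetWorx's own code: it samples per-interface byte counters in the Linux /proc/net/dev format (the snapshots below are constructed), computes per-interval rates, tolerates a 32-bit counter wraparound, and raises the three kinds of alert. All thresholds are hypothetical.

```python
"""Minimal per-interface bandwidth monitor with heavy-flow alerts.

Added example, not from the original page or from NetWorx. Snapshots are
constructed /proc/net/dev text; thresholds are hypothetical.
"""
from statistics import median

COUNTER_WRAP = 2 ** 32   # byte counters on 32-bit kernels/NICs wrap here


def parse_net_dev(text: str):
    """Return {iface: (rx_bytes, tx_bytes)} from /proc/net/dev content."""
    stats = {}
    for line in text.splitlines()[2:]:          # skip the two header lines
        if ":" not in line:
            continue
        iface, rest = line.split(":", 1)        # large counters may butt against the colon
        fields = rest.split()
        stats[iface.strip()] = (int(fields[0]), int(fields[8]))   # rx bytes, tx bytes
    return stats


def delta(prev: int, cur: int) -> int:
    """Bytes moved between two counter reads, tolerating one 32-bit wraparound."""
    return cur - prev if cur >= prev else cur + COUNTER_WRAP - prev


class BandwidthMonitor:
    """Track one interface; alert on a hard rate limit, a sudden spike, and a usage cap."""

    def __init__(self, iface, hard_limit_bps, usage_cap_bytes, spike_factor=5.0, window=8):
        self.iface = iface
        self.hard_limit = hard_limit_bps        # bytes/second, hypothetical policy value
        self.usage_cap = usage_cap_bytes        # e.g. an ISP monthly allowance
        self.spike_factor = spike_factor        # rate must exceed factor x recent median
        self.window = window                    # samples kept per direction
        self.last = None                        # (timestamp, rx, tx) of the previous read
        self.history = {"rx": [], "tx": []}
        self.total_bytes = 0

    def update(self, ts, net_dev_text):
        """Feed one counter snapshot; return a list of (kind, direction, value) alerts."""
        rx, tx = parse_net_dev(net_dev_text)[self.iface]
        alerts = []
        if self.last is not None:
            last_ts, last_rx, last_tx = self.last
            elapsed = ts - last_ts
            if elapsed > 0:
                moved = {"rx": delta(last_rx, rx), "tx": delta(last_tx, tx)}
                self.total_bytes += moved["rx"] + moved["tx"]
                for direction, nbytes in moved.items():
                    rate = nbytes / elapsed
                    hist = self.history[direction]
                    if rate > self.hard_limit:
                        alerts.append(("hard_limit", direction, rate))
                    # Spike check needs a baseline; max(...,1.0) avoids a zero median on idle links
                    if len(hist) >= 3 and rate > self.spike_factor * max(median(hist), 1.0):
                        alerts.append(("spike", direction, rate))
                    hist.append(rate)
                    del hist[:-self.window]
                if self.total_bytes >= self.usage_cap:
                    alerts.append(("usage_cap", "total", self.total_bytes))
        self.last = (ts, rx, tx)
        return alerts


def netdev_snapshot(rx: int, tx: int) -> str:
    """Constructed /proc/net/dev text with a loopback line and one eth0 line."""
    return (
        "Inter-|   Receive                                                |  Transmit\n"
        " face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed\n"
        "    lo:     4096      32    0    0    0     0          0         0     4096      32    0    0    0     0       0          0\n"
        f"  eth0: {rx} {rx // 1400} 0 0 0 0 0 0 {tx} {tx // 1400} 0 0 0 0 0 0\n"
    )


def run_demo():
    """Steady 10 KB/s in and 5 KB/s out, then an outbound burst typical of data exfiltration."""
    monitor = BandwidthMonitor("eth0", hard_limit_bps=1_000_000, usage_cap_bytes=50_000_000)
    samples = [              # (seconds, cumulative rx bytes, cumulative tx bytes), constructed
        (0, 1_000_000, 500_000),
        (1, 1_010_000, 505_000),
        (2, 1_020_000, 510_000),
        (3, 1_030_000, 515_000),
        (4, 1_040_000, 520_000),
        (5, 1_050_000, 8_520_000),   # 8 MB out in one second
    ]
    return [monitor.update(ts, netdev_snapshot(rx, tx)) for ts, rx, tx in samples]


if __name__ == "__main__":
    for step, alerts in enumerate(run_demo()):
        print(f"t={step}s alerts={alerts}")
```

The first five samples produce no alerts; the sixth raises both a hard-limit and a spike alert for the transmit direction only, which is the pattern the text calls "unusually heavy data flow". On a real host you would replace `netdev_snapshot` with a read of /proc/net/dev (or the equivalent counters on Windows) on a timer.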
