Conclusion

Whether Blue Coat solution is or will be the only vendor in the market with a pure visibility appliance remains to be seen. As their ecosystem grows they will be harder to catch and will have cornered the market effectively.The challenge for Blue Coat is not just about creating that ecosystem for economic reasons, but whether they can convince their new partners to share the new threat information in some way.

If a growing ecosystem of key vendors can become advocates of STIX and TAXII, then they may as a group be able to find a way of making that first step, as Arandjelovic puts it.

SSL visibility is a huge challenge for enterprises and an attack vector that cannot be ignored anymore as Adrian Sanabria, senior security analyst at 451 Research puts it:

Adrian Sanabria, senior security analyst at 451 Research (Source LinkedIN)
Adrian Sanabria, senior security analyst at 451 Research

Currently, encrypted traffic is a huge blind spot for enterprise visibility. The importance of privacy will ensure this trend continues, but investments in network security are largely being wasted when encrypted traffic isn’t being inspected.

Sophisticated attackers know that evading defenses to get command and control traffic or data out of the enterprise is often as simple as using encryption in transit and perhaps a proxy or two. However, the technology to decrypt that traffic is only half the challenge – the other half is to leverage existing network security investments, which is why Blue Coat’s partnering efforts are so important.

We would argue that it could become more important than that, Arandjelovic has spoken about the course of action he believes should be followed. It is up to Blue Coat and the other security vendors to join together on a journey into the future. If it take five years it might never be achieved without disastrous consequences to several enterprises.

LEAVE A REPLY

Please enter your comment!
Please enter your name here