be_ixf;ym_202010 d_01; ct_50

Deep packet inspection

Don’t let HTTPS be a security blind spot. Gain visibility into encrypted SSL/TLS traffic to find hidden threats using deep packet inspection capabilities of AT&T Global Security Gateway.

Request info Watch 2-min overview ⟶

Overview

Deep packet inspection with AT&T Global Security Gateway

Encryption of traffic on the web establishes a crucial security foundation for confidentiality and privacy online. However, encryption also provides a cloak to cybercriminals by which to transmit malware. Many firewalls claim that they offer deep packet inspection capabilities, but decryption is so processor-intensive that it greatly reduces the performance to an unacceptable level.

AT&T Global Security Gateway is a managed service that offers unified protection against web-based threats for virtually all of your users, whether they are working from the office or remotely. This solution allows organizations to utilize deep packet inspection to help determine if the content they are interacting with on the Internet contains malware, removing the burden of this function from firewalls.

Visibility into encrypted traffic

Consistently inspect web activity and apply security content policy across both HTTP and HTTPS traffic.

Learn more

Works across distributed networks

Help protect complex architectures with filtering that works on SD-WAN and direct-to-cloud connections.

Learn more

Maximized network performance

Maintain visibility with minimal network bottlenecks or performance speed bumps.

Learn more

Fully managed

Achieve the coverage of deep packet inspection without hassle through this fully managed service.

Learn more

Benefits

Help reduce security blind spots and maintain network performance

Visibility into encrypted traffic

Some estimates show that as much as two-thirds of today's common malware uses encryption for obfuscation. And due to the processor-intensive nature of decryption, many organizations simply choose to ignore encrypted traffic creating a huge blind spot in the enterprise—leaving as much as 94% of web activity unchecked.

AT&T Global Security Gateway, with the capability for the enterprise to select deep packet inspection, allows for examination of all outbound traffic uniformly, whether HTTP or HTTPS. The solution helps to locate malware that commonly hides within encrypted channels. 

Maximized network performance

The cloud-native architecture of AT&T Global Security Gateway makes it possible to perform deep packet inspection without introducing the kind of latency that often comes from backhauling traffic through data center security hardware. The solution gives enterprises the ability to maximize the benefits of digital transformation without compromising security.

Works across distributed networks

Gain centralized visibility and control over distributed networks with the ability to view and run reports on encrypted web traffic across all users and locations through one pane-of-glass.

Fully managed

Backed by the 24x7 oversight from AT&T Network Operations Centers, Global Security Gateway helps to identify and block threats that are hidden in encrypted web traffic through a fully managed service. AT&T assists with directing internet traffic to the solution and provides an option for the management of on-premises firewalls as well.

Managed services from AT&T Cybersecurity provide:

  • Notifications for an event that require the attention of customer’s on- site staff
  • Response to change requests within 24 business hours of receipt
  • Comprehensive reports that can be delivered automatically or on demand

Tap into the expertise of AT&T Cybersecurity and let your service implementation manager guide you through security policy design, configuration, testing, and maintenance.

FAQ

Why do firewalls struggle to inspect encrypted web traffic?

Some traditional firewalls do not even have the capability to examine SSL/TLS traffic. But even when they do, decrypting data for deep packet inspection in line with traffic flows is a processor-intensive activity that swamps many hardware-based security devices. This activity slows traffic and degrades the user experience.

How much enterprise traffic will I ignore without deep packet inspection?

Industry analysis shows that anywhere between 70% to 95% of web traffic today is now running through encrypted channels. According to the most recent Google Transparency Report, 95% of all tracked Chrome users use HTTPS for their web connections. That means that enterprises that don't perform deep packet inspection could be limiting visibility to just 5% of their users' activity.

How does deep packet inspection compare to firewall filtering?

Conventional packet filtering only examines the header information for each packet to compare its source/destination IP and the port number against its access control list to make a decision on whether to allow or drop it. Deep packet inspection will not only consider the information contained in the header, but also the content contained within the payload of the packet. One real world scenario that it can be compared to is what is experienced at airport security. Packet filtering is similar to checking the luggage tag to validate that the originating and destination airport as well as the flight number all match up against their records. Deep packet inspection would be closer to x-raying the bag to view its contents to provide that there is nothing dangerous inside. 

Request info

To get sales help from an AT&T Cybersecurity specialist, please complete this form.