Increasingly we are seeing more software moving to web-based applications. From cloud computing platforms such as Microsoft Azure and Amazon Web Services to SaaS products like Salesforce, this transformation of IT is driving tremendous changes in the industry. This is particularly true in the enterprise, where web applications are performing critical functions that use sensitive data. As CIOs implement their digital transformation strategies, it is important to understand how to protect critical applications and ensure that the data they process remains secured.
Today, our long-standing technology partner F5 announced the new Herculon dedicated security devices to do just that – secure critical applications and data to enable the enterprises to further their digital transformation with confidence.
It is a typical scenario: as organizations grow and migrate many of their operations off-premises, they see the need to guard their connections and the data they carry. Encrypting everything to protect it from unauthorized disclosure is a common best practice, but the approach can also inhibit important network security defenses from having needed visibility of the traffic to monitor and scan for threats.
The Herculon SSL Orchestrator enables robust network security defenses providing encrypted traffic visibility, all while delivering coordinated secure access to critical applications. The new product provides SSL visibility, which involves encrypting and decrypting the data stream – a resource intensive process.
Thales enhances the solution by extending the proven integration with the F5 BIG-IP platform to the new Herculon security device. Thales our nShield Connect hardware security modules (HSMs) protect and manage the critical SSL keys that underpin the security of the solution, delivering both operational efficiency and high assurance security. Thales our nShield Connect HSMs ensure these keys are never exposed to unauthorized entities.
As organizations move forward in their digital transformation, they must address high performance requirements to support increasingly demanding transaction rates, while maintaining strong security. Guaranteeing that SSL keys are accessible when needed is vital. Certified to FIPS 140-2 Level 3 and Common Criteria EAL 4+, Thales our nShield HSMs enable key and certificate validation per established security policies. Particularly important to customers in highly regulated verticals such as government, healthcare, and financial services, the Thales nShield HSMs also enforce dual controls and separation of duties to facilitate security auditing.
This brings us back to the “encrypt everything” approach. When addressing how best to protect the application and the data that they process, this practice ensures that organizations can secure the information wherever it is created, shared, or stored. But one must not overlook what might hide inside encrypted channels. For that reason, a careful balance between application access, SSL visibility, and application protection must be maintained to deliver data security and compliance without impacting business agility.
With F5 and Thales, organizations can keep security close to the application. This not only protects against data theft, but also ensures constant application availability – whether in the datacenter or in the cloud – delivering data protection with confidence, speed, and trust.