top of page
InstantCheck   Cloud Security Gateway

Existing web security solutions focus on filtering threats within http channels. However, more and more web sites redirect users to https-encrypted tunnels for privacy reasons so existing security solutions are bypassed. Such applications include Google Search / Map / Mail / Drive / Doc / Plus / Chat / Youtube, Twitter, Facebook, Facebook Chat, Dropbox, Yahoo Mail, Microsoft Outlook (hotmail) / OneDrive / Skype / Line...

 

As cloud services prevail, researchers had indicated that more than 90% of traffic will be encrypted in https by 2020. Auditing and filtering web contents becomes an uneasy job but everyone pretends to be unaware of this issue because no solution is available. It's time to face the truth.

Face The Truth: Threats Inside Https Tunnels

FILTERING INTERNAL/EXTERNAL THREATS WITHIN HTTPS

Existing web security solutions focus on filtering threats within http channels. However, more and more web sites redirect users to https-encrypted tunnels for privacy reasons so existing security solutions are bypassed. Such applications include Google Search / Map / Mail / Drive / Doc / Plus / Chat / Youtube, Twitter, Facebook, Facebook Chat, Dropbox, Yahoo Mail, Microsoft Outlook (hotmail) / SkyDrive / Skype / Line... As cloud services prevail, researchers had indicated that more than 40% of traffic will be encrypted in https by 2015. Auditing and filtering web contents becomes an uneasy job but everyone pretends to be unaware of this issue because no solution is available. It¡¦s time to face the truth.

Auditing Https By Regulatory Compliance

APPLY HTTPS DECRYPTION TRANSPARENTLY

Famous regulatory compliance includes Sarbanes-Oxley, PCI-DSS, HIPAA, SEC, FINRA, FSA, IIROC, FERC, NERC, CFTC, NFA, ... in many sectors. All electronic communications of an organization should be logged, recorded, and archived for years. However, encrypted communications are difficult to be audited so criminals are prone to hide themselves inside https. Digital forensics inside https are required for organizations to conform to the above mentioned regulatory compliance to avoid liability issues.

Your Transparent Https Solution

DECRYPTION WITHOUT USERS' AWARENESS

Painless deployment is essential to make users unaware of the https solution. Without dispatching an agent running on users' PC, InstantCheck can transparently hook https transactions and issue valid certificates to users' browsers. No client installment. No client reconfiguration on proxy settings. No restructuring network architectures. Just simply put InstantCheck inline then everything gets done. With a Cavium ASIC chip to decrypt/encrypt data in https, network performance is guaranteed without degradation. Above mentioned https applications can be logged, recorded, and archived transparently.

Rich Apps For Best-In-Breed Security

OPTIONAL PLUG-IN MODULES

In addition to auditing https contents, InstantCheck platform has invited best-in-breed security solutions:

(1) Google® cloud-based URL database for malware / spyware
(2) AegisLab® cloud-based URL database for botnet / C&C / malware detection
(3) OCR Lab® data recognition engine for data loss prevention (DLP) on outgoing files / messages
(4) NetAuditor® Line / Skype / WeChat recorder engine for recording messages / file transfers

bottom of page