
InstantCheck™ - Cloud Security Gateway
Existing web security solutions focus on filtering threats within http channels. However, more and more web sites redirect users to https-encrypted tunnels for privacy reasons so existing security solutions are bypassed. Such applications include Google Search / Map / Mail / Drive / Doc / Plus / Chat / Youtube, Twitter, Facebook, Facebook Chat, Dropbox, Yahoo Mail, Microsoft Outlook (hotmail) / OneDrive / Skype / Line...
As cloud services prevail, researchers had indicated that more than 90% of traffic will be encrypted in https by 2020. Auditing and filtering web contents becomes an uneasy job but everyone pretends to be unaware of this issue because no solution is available. It's time to face the truth.
Face The Truth: Threats Inside Https Tunnels
FILTERING INTERNAL/EXTERNAL THREATS WITHIN HTTPS
Existing web security solutions focus on filtering threats within http channels. However, more and more web sites redirect users to https-encrypted tunnels for privacy reasons so existing security solutions are bypassed. Such applications include Google Search / Map / Mail / Drive / Doc / Plus / Chat / Youtube, Twitter, Facebook, Facebook Chat, Dropbox, Yahoo Mail, Microsoft Outlook (hotmail) / SkyDrive / Skype / Line... As cloud services prevail, researchers had indicated that more than 40% of traffic will be encrypted in https by 2015. Auditing and filtering web contents becomes an uneasy job but everyone pretends to be unaware of this issue because no solution is available. It¡¦s time to face the truth.
Auditing Https By Regulatory Compliance
APPLY HTTPS DECRYPTION TRANSPARENTLY
Famous regulatory compliance includes Sarbanes-Oxley, PCI-DSS, HIPAA, SEC, FINRA, FSA, IIROC, FERC, NERC, CFTC, NFA, ... in many sectors. All electronic communications of an organization should be logged, recorded, and archived for years. However, encrypted communications are difficult to be audited so criminals are prone to hide themselves inside https. Digital forensics inside https are required for organizations to conform to the above mentioned regulatory compliance to avoid liability issues.
Your Transparent Https Solution
DECRYPTION WITHOUT USERS' AWARENESS
Painless deployment is essential to make users unaware of the https solution. Without dispatching an agent running on users' PC, InstantCheck can transparently hook https transactions and issue valid certificates to users' browsers. No client installment. No client reconfiguration on proxy settings. No restructuring network architectures. Just simply put InstantCheck inline then everything gets done. With a Cavium ASIC chip to decrypt/encrypt data in https, network performance is guaranteed without degradation. Above mentioned https applications can be logged, recorded, and archived transparently.
Rich Apps For Best-In-Breed Security
OPTIONAL PLUG-IN MODULES
In addition to auditing https contents, InstantCheck platform has invited best-in-breed security solutions:
(1) Google® cloud-based URL database for malware / spyware
(2) AegisLab® cloud-based URL database for botnet / C&C / malware detection
(3) OCR Lab® data recognition engine for data loss prevention (DLP) on outgoing files / messages
(4) NetAuditor® Line / Skype / WeChat recorder engine for recording messages / file transfers