Optimal use of the SSH protocol requires proper configuration of parameters to prevent and avoid potential vulnerabilities. R&S PACE 2’s new capabilities enable it to inspect and extract metadata, provide complete visibility into SSH connection security, and detect/prevent vulnerabilities that could be exploited by hackers and other malicious network intruders.
The latest release 18.11.16 of PACE 2 features an advanced SSH decoder that extracts metrics and measures such as the MAC algorithm, key exchange (KEX) algorithm, public keys, certificates and various other connection parameters. As a result, vendors of network equipment such as firewalls or secure SD-WANs can evaluate the strength of the security mechanisms implemented by the SSH protocol and apply policies to avoid misconfigurations that negatively impact the security of SSH connections. These include weak MAC hashing algorithms (such as MD5), short hashing values for MAC (such as 96 bits), or encryption algorithms with known issues (such as RC4).
"There’s no alternative to for actually monitoring all network traffic and ensuring it meets rigorous security standards," said Alexander Müller, senior product manager for ipoque’s DPI technologies. "By providing greater visibility into SSH traffic and communications, R&S PACE 2 enables security vendors to apply rigorous security policies and offer higher levels of security for corporate networks to differentiate their offerings from competing products."
To learn more about how IT security equipment vendors use the DPI engine R&S PACE 2 to enhance their network protection products and add value for their customers, read the network security white paper or read the network security case studies.
The Rohde & Schwarz team will also be offering a demo of R&S PACE 2 at Black Hat Europe, taking place Dec. 5-6 in London. Rohde & Schwarz can be found at Booth #409, and will be featured in a session, “Leveraging Encrypted Traffic Intelligence in Cybersecurity Solutions” on Dec. 6 at 11:35 am ET in Business Hall Theatre A. More information here.
ipoque, a Rohde & Schwarz company, is a leading vendor of deep packet inspection software that adds protocol and application classification capabilities to network analytics, traffic management and cybersecurity solutions. Rohde & Schwarz also provides a holistic network traffic analytics system for communication service providers that allows deep insights into network behavior, network performance and trends to optimize both quality of experience and quality of service. For more information, visit www.ipoque.com.
Rohde & Schwarz
The Rohde & Schwarz technology group develops, produces and markets innovative communications, information and security products for professional users. The group’s test and measurement, broadcast and media, aerospace | defense | security, networks and cybersecurity business fields address many different industry and government-sector market segments. On June 30, 2018, Rohde & Schwarz had approximately 11,500 employees. The independent group achieved a net revenue of approximately EUR 2 billion in the 2017/2018 fiscal year (July to June). The company has its headquarters in Munich, Germany. Internationally, it has subsidiaries in more than 70 countries, with regional hubs in Asia and America.
R&S is a registered trademark of Rohde & Schwarz GmbH & Co. KG.
ipoque GmbH A Rohde & Schwarz Company
Telefon: +49 (341) 59403-0
Telefax: +49 (341) 594030-19
Head of Marketing Network Analytics
Telefon: +49 (341) 59403-061