The Fast Mode spoke to Bernhard Kraft, Director of Technical Product Management at Optiva on new encryption technologies and their impact on today's networks. Bernhard joins us in a series of discussions with leading vendors in the traffic management, service assurance, traffic monitoring, analytics, policy control and network security space, assessing various attributes of encryption, its benefits as well as the challenges it poses, specifically loss of visibility that makes networking increasingly complex.
Tara: How important is encryption for today’s applications?
Bernhard: The internet has made many applications and content more accessible for consumers, removing barriers and enabling easy consumption. Additionally, the evolution of the web from 1.0 to 3.0 has changed consumer interactions from laptops to smart devices and virtual user engagements. Usability and ease of use are core for consumer attraction and retention. But as more people consume content from internet applications and provide their personal information, the risk of cyber attacks has exploded.
Privacy, data protection and content sovereignty are critical to applications. They protect content offered and users' sensitive information, which is necessary to build a trusted relationship so that services can be consumed in a secure manner. Security and privacy are key elements for each application provider, and security breaches have significant business impacts that can lead to heavy damages and offboarding of users.
Encryption plays a key role in this ecosystem, providing a layer of secure communication between clients to prevent cyber attacks, data theft and exposure of sensitive private information. In addition, governments have established laws, such as GDPR and the California Privacy Rights Act, to ensure that privacy, data protection and encryption are key building blocks in this framework.
Therefore encryption is vital for today's applications. It offers:
- Secure communication between clients and applications
- Data privacy for customers to protect information and usage data
- Visibility into the exchange of data and protection from theft
A world without security and encryption is no longer possible. At Optiva, we provide SaaS solutions for the telecom industry, and security is a top priority for ensuring data protection, secure communication and privacy. For more information, visit www.optiva.com.
Tara: How has encryption impacted network and traffic visibility?
Bernhard: The introduction of encryption has reduced data stream visibility, where solutions like deep packet inspection (DPI) offer information about the data stream to enable optimisations or provide dedicated monetisation options to improve the user experience.
The industry has designed a zero trust (ZT) paradigm, whereby only application service providers can access the content of communication channels and details exchanged. Therefore, it is difficult for telecommunications operators to obtain and know details about traffic to improve connection services. Additionally, information exchanged has to be continuously monitored by the provider to prevent communication that is illegal, abusive, exploitative, hacked, etc. Therefore, consumer confidence and trust are paramount.
Telecom providers have a specific interest in optimising end-users' experiences with internet services and, therefore, the related data. Having the right bandwidth, quality of service and preventing network congestion are examples of such interests and priorities. With the support of slicing in 5G, telcos gain capabilities to improve end-user services with the development of focused solutions. Net neutrality, however, does limit a telco's ability to bring focused solutions to market.
Types of traffic are still identified through endpoints, protocols used, etc., which are leveraged for optimisation and monetisation. However with applications such as YouTube, for example, advertising and YouTube Premium data are owned by YouTube. In the future, there will need to be models to enable those types of data classifications, especially if enterprises want to further enhance user experience with focused solutions and 5G use cases.
Additionally, enhancements are required to existing infrastructures to better facilitate pattern-based traffic determination, especially in relation to network optimization and the ability to provide SLA guarantees. Even if the exact content may not be known, insights can be drawn based on the speed, frequency, destination / origination, and more to drive network and policy decisions on the user plane. While this is nascent, we expect that next-generation DPIs will utilize AI / ML models trained on large swathes of data to analyse the live traffic in real time in the near future.
Encryption and traffic visibility will undergo a long, interesting evolution, especially in the context of the Web 3.0 umbrella and new telecom capabilities leveraging 5G and 6G technology.
This interview is a part of The Fast Mode's Real-time Visibility for Encrypted Traffic segment, featuring 34 leading IP networking solution providers and their views on the impact of encryption on traffic visibility. A research report on this topic will be published in February 2023 - for more information, visit here.
