Cisco Systems has made available a new feature and cloud service that the company said can detect malware in encrypted traffic across the company's entire portfolio.
Dubbed Encrypted Traffic Analytics, or ETA, the system uses a combination of data and telemetry to detect threats in encrypted traffic wherever it's coming into the network. To make it happen, the San Jose, Calif., company said it has struck a careful balance between providing security while maintaining privacy.
ETA was introduced last June and became available this week across the Cisco portfolio of routers and switches, including its Catalyst portfolio, which is the cornerstone of the company's ambitious intent-based networking efforts. The only prerequisite is that users sign up for Cisco's StealthWatch security service. From there, the system uses analytics and machine learning to spot suspect traffic.
"It's the industry's only solution that has the capability to find threats in encrypted traffic without need for decryption," said Prashanth Shenoy, Cisco vice president of marketing, enterprise networks, IoT and developer platform. "In two years, 80 percent of traffic will be encrypted. That requires us to look at this in a holistic manner. We need to embed security in every part of the network, classify the traffic in terms of what is normal and what is malicious, and allocate the right personnel to the right threat."
Here are five things to know about the Cisco ETA offering.