While encrypted traffic does increase security, there are still ways that it can be compromised. Cisco has just announced that its Encrypted Traffic Analytics (ETA), which has an ability to detect malware hidden in encrypted traffic by using machine learning-based approach, has now become generally available for most of its switch and routing platforms.
Announced as a preview technology back in June 2017, as a part of its intent-based networking initiative, Cisco’s Encrypted Traffic Analytics (ETA) can detect hidden malware in encrypted traffic without the need to decrypt it.
Since encrypted data can not be read without being decrypted, Cisco ETA can inspect the initial data packet (IDP) in an encrypted traffic stream as well as use the Sequence of Packet Lengths and Times (SPLT) to detect potential threats by using machine learning from Cisco’s Global Risk Map.
Intent-based networking has been a focus of Cisco for quite some time and has been exploring the use of machine learning to understand what is happening on the network and building “a more intuitive network”. Cisco has described this intuitive network as a highly secure platform that is “powered by intent and informed by context”.
We already wrote about Intent-based Networking from Cisco, and its initiative included a couple of new technologies, including DNA Center, Software-Defined Access (SD-Acces), Network Data Platform and Assurance, a completely new set of services called “DNA Services”, as well as the new Encrypted Traffic Analytics (ETA).
As noted, the Cisco Encrypted Traffic Analytics (ETA) has now become generally available for all customers and across multiple switch and routing platforms, including the Catalyst 9300 and Catalyst 9400 switches, Integrated Service Routers from 4000- and 5000-series, the Aggregation Service Routers 1000, and the Cloud Services Router 1000V.
You can find more information over at the Cisco Encrypted Traffic Analytics (ETA) page.