Using the SSH protocol effectively requires proper configuration of parameters to prevent and avoid potential vulnerabilities. R&S PACE 2's new capabilities enable it to inspect and extract metadata, provide complete visibility into SSH connection security, and detect/prevent vulnerabilities that could be exploited by hackers and other malicious network intruders.
The latest release 18.11.16 of PACE 2 features an advanced SSH decoder that extracts metrics and measures such as the MAC algorithm, key exchange (KEX) algorithm, public keys, certificates and various other connection parameters. As a result, vendors of network equipment such as firewalls or secure SD-WANs can evaluate the strength of the security mechanisms implemented by the SSH protocol and apply policies to avoid misconfigurations that negatively impact the security of SSH connections. These include weak MAC hashing algorithms (such as MD5), short hashing values for MAC (such as 96 bits), or encryption algorithms with known issues (such as RC4).
"There's no alternative to for actually monitoring all network traffic and ensuring it meets rigorous security standards," said Alexander Müller, senior product manager for ipoque's DPI technologies. "By providing greater visibility into SSH traffic and communications, R&S PACE 2 enables security vendors to apply rigorous security policies and offer higher levels of security for corporate networks to differentiate their offerings from competing products."
ipoque develops deep packet inspection software that adds protocol and application classification capabilities to network analytics, traffic management and cybersecurity solutions, working with Rohde & Schwarz testers for network traffic analytics system for communication service providers that allows deep insights into network behavior, network performance and trends to optimize both quality of experience and quality of service.