HTTPS usage is about to double across the web and this will have a major impact on the amount of processing power required from your firewalls.
From July, any website that fails to use encrypted HTTPS connections will be marked as unsafe when accessed in Google Chrome, therefore denting user trust for any platforms that fail to comply with the web giant’s standards.
What This Means For Those Managing Firewalls
For those of you managing firewalls, the issue is clear:
Currently, around 40% of websites use HTTPS.
If you’re not using HTTPS Decryption, then right now at least 40% of the sites your users access can tunnel through your firewall uninspected and that number is about to move towards 100% creating a major hole in your visibility.
If your firewalls are already decrypting traffic, you’ll be aware that HTTPS Decryption requires additional resources to carry out inspection.
If you are seeing high usage right now, you will need to consider what will happen if https traffic doubles to 80% in July, as anticipated, and reaches 100% soon after.
For higher end firewall models, major vendors now offer hardware accessories which will accomodate this additional demand on resources and manage the decryption alongside your existing security setup.
Many smaller devices will simply be too under powered to use these plugins or process the additional load.
With three months until the official launch of the new Google Chrome update there is time to prepare.
Talk to your vendors and partner of choice to find out what you need to do.
Pentesec can arrange for a free, no obligation, Security Check Up to benchmark your current bandwidth usage, identify how these changes will impact your organisation, and recommend a suitable way forward.
If you would like to know more, you can contact us at firstname.lastname@example.org