Packet Slicing & Data Masking
Maintaining Tool Efficiency Without Comprising Security
With the drastic rise of security incidents and data breaches over the years there is an increased demand for secure communications and privacy standards. Enterprises face numerous challenges with the advancement of encrypted traffic, standards compliance, and reducing liability. Advancements in encryption technology, such as TLS 1.3, as well as more personal devices in the workplace, mean there is a potentially growing quantity of encrypted traffic on enterprise networks for which the organization does not have access to the encryption keys and, therefore, has no visibility into.
This needlessly burdens monitoring systems with extra traffic payloads that offer no additional value. Simultaneously, enterprises end up collecting a lot of PII (Personally Identifiable Information), by necessity or otherwise, which, in the event of a data breach, can place employees and customers at risk and increases the liability of the organization. New standards and legislation surrounding the protection of PII places substantial penalties on non-compliance. In addition, the mere loss of PII can lead to severe reputation damage and lawsuits while exposing valued associates and customers to fraud.
Packet Slicing & Data Masking with Cubro’s NPBs
Cubro provides solutions that address both aspects of these increasing, modern challenges. Packet Slicing is a feature that allows the user to discard a portion of a packet past a defined offset. This is useful for removing an encrypted payload from a packet so that the monitoring system still receives the packet headers (the only portion that remains useful) while improving the efficiency of the tool and reducing resource usage (such as storage space).
You may also choose to discard the payload of traffic containing unwanted and potentially sensitive information to both reduce the organization’s liability and/or maximize available resources. Data Masking allows the user to obfuscate sensitive information in the payload of a packet which can be necessary for both compliance reasons or, again, reducing liability and protecting employees and customers in the event of a breach.
Improved Security Posture
- Reduce liability by removing sensitive data and PII
- Increased protection against data leaks
- Maintain compliance with security and privacy standards
Packet Slicing
Don’t let payload slow you down. Slice packets to keep only the headers you need for analysis.
Packet Slicing is usable if a value in bytes has been entered in the Rule Configuration.
Within the Forwarding Policy configuration, navigate to the Rule Configuration by clicking on the arrow between the Port Groups. Inside the Rule Configuration, you can add a rule and find the option Slice, where you can enter a value from 64 to 9192 Bytes; no further configuration is required to slice your traffic.
Products in this Solution
Our newsletter provides thought leadership content about the industry. It is concise and has interesting content to keep you updated with what’s new at Cubro and in the industry. You can unsubscribe anytime with a single click.
Your e-mail address is only used to send you our newsletter and information about the activities of Cubro Network Visibility. You can always use the unsubscribe link included in the newsletter.