Other Security Devices 2.1

Question 1

SSL Accelerators

Answer 1

Massive network systems such as web server farms need tools to help with encryption processing power. This is where SSL Accelerators come in handy. Asymmetric encryption is more intense than symmetric encryption. The SSL accelerator offloads the handshake process to separate hardware to take the load off the server.

Question 2

SSL Encryption

Answer 2

SSL handshake uses asymmetric encryption however must first transfer the symmetric key using asymmetric encryption first.

Question 3

SSL/TLS Decryption

Answer 3

Another commonly used technique. SSL/TLS relies on trust certificates approved by certificate authorities. The browser will only trust websites trusted by these authorities. The websites pay money for these certificates.

Question 4

Hardware Security Module (HSM)

Answer 4

High-end cryptographic hardware. Used for a large number of web servers and certificates. Usually a stand-alone device however you can get a card that plugs into a firewall or proxy. This is a secure are to backup keys. It can also act as an SSL endpoint to offload CPU processing.

Question 5

Media Gateways

Answer 5

It’s common for organizations to have a media gateway that converts PSTN (Public Switched Telephone Network) (your traditional telephone line) and VoIP. This gateway device must be secured because an attacker can spy, shut down the service, or use the device for making their own calls.