Blue Coat Delivers Visibility and Control of SSL Communications Between Enterprise Users and External Applications

SUNNYVALE, Calif., Nov. 8 /PRNewswire-FirstCall/ — Blue Coat(R) Systems (Nasdaq: BCSI) today announced new SSL proxy functionality for its industry-leading ProxySG(TM) platform that finally brings visibility into — and granular control over — encrypted Secure Socket Layer (SSL) communications between internal corporate employees and external Internet applications. These SSL communications now represent a significant and sharply growing percentage of corporate Internet traffic.

“Encrypted SSL connections between employees and external Internet applications have become a growing security risk and a new conduit for viruses, spyware, rogue applications and other threats to the corporate network,” said William Rocholl, global head of strategy and engineering, telecom and network services for ABN AMRO, an international bank with operations in more than 60 countries. “We need a solution to provide visibility into this traffic, and the ability to protect and control it without introducing network bottlenecks.”

Most enterprise SSL traffic comprises business-critical applications now outsourced on the Internet, such as customer relationship management sites, travel booking, human resources/benefits and expense management. While these applications use SSL to protect the confidentiality of data for the enterprise, the encrypted traffic introduces a critical problem for the enterprise. SSL traffic eludes inspection or control by the organization, creating a significant internal Information Technology (IT) “blind spot” for security threats and an open door for rogue applications not sanctioned by company policy. Traveling unmonitored and unchecked through the firewall’s fully open port 443, threat traffic has formed a new highway for enterprise vulnerability.

Blue Coat’s SSL proxy enables organizations to stop malware, including viruses and spyware, from infiltrating their networks through encrypted tunnels. It can deny threats from secured phishing attempts that now utilize SSL explicitly as a cloaking mechanism. It can also govern what encrypted applications the organization will allow to communicate externally. Since much of SSL traffic is business-critical, companies cannot afford any performance degradation due to inspection. Rather than degrade performance, Blue Coat’s ProxySG platform actually boosts SSL-encrypted application performance by as much as 10X through the use of its patented object pipelining and caching technology.

“Enterprises have been completely blind to their users’ SSL traffic,” said David Passmore, research director for Burton Group. “Companies would like to have the same level of visibility and control of SSL traffic as they do with non-encrypted traffic. With SSL usage rising rapidly and security threats proliferating, products like Blue Coat’s SSL proxy may fill a significant enterprise need.”

SSL Proxy for the User, Not SSL Offload for the Web Server

To date, corporations only have visibility and control over SSL communication when they own the application and can terminate connections to and from it. Blue Coat has provided SSL offload and termination for enterprise-run applications since 1999. Prior to the release of Blue Coat’s new SSL proxy, enterprise user SSL communications out to the Internet have eluded IT visibility and control. With the new Blue Coat functionality, corporations can now terminate, inspect, impose policy and block or re-issue users’ encrypted traffic.

“The SSL blind spot and wide open door of port 443 on the firewall is yet another example of why enterprises should not allow users to connect directly to the Internet without going through a proxy,” said Steve Mullaney, vice president of marketing for Blue Coat Systems. “The Internet brings tremendous value, but it can also be a cesspool, introducing significant security risks to the business. With our new SSL proxy functionality, Blue Coat can close a major security hole for enterprises.”

The Power of the Proxy

Blue Coat’s proxy appliances have the unique ability to strike the optimal balance between user empowerment and IT control. Because a proxy terminates application protocols, it has comprehensive understanding of the user-to-application interaction and its context. As a result, proxy appliances provide IT with the power to define, enforce and audit intelligent policy controls over user/application interactions. By distributing proxy appliances at key points in an enterprise infrastructure — the data center, the gateway and regional/branch offices — organizations can create a robust system architecture to protect, control and accelerate Web communications.

Price and Availability

The new SSL proxy functionality is a licensable option of the SGOS version 4.2 operating software for the ProxySG family. The new version is currently in controlled release and will ship for general availability in January 2006. The US list price ranges from $450 to $11,995 for the SSL accelerator card and software license.

About Blue Coat Systems

Blue Coat helps organizations make the Web safe and productive for business. Blue Coat proxy appliances provide visibility and control of Web communications to protect against risks from spyware, Web viruses, inappropriate Web surfing, instant messaging (IM), video streaming and peer-to-peer (P2P) file sharing — while actually improving Web performance. Trusted by many of the world’s largest organizations, Blue Coat has shipped more than 25,000 proxy appliances. Blue Coat is headquartered in Sunnyvale, California, and can be reached at 408-220-2200 or

Don't miss