Cisco announced the general availability of Encrypted Traffic Analytics (ETA), the technology which can detect the malware in encrypted traffic.
ETA was available for preview since June 2017, where Cisco conducted various trials among selected customers to decode its potential.
Leveraging the multi-layer machine learning and network visibility, ETA can spot any malicious attack within the large volumes of encrypted data flowing through the organizational network infrastructure.
“ETA examines the initial data packet of the connection. This by itself may contain valuable data about the rest of the content. Then there is the sequence of packet lengths and times, which offers vital clues into traffic contents beyond the beginning of the encrypted flow. Since this network-based detection process is aided by machine learning, it adapts to change and its efficacy is maintained over time,” explained Scott Harrell, Senior Vice President and General Manager, Cisco.
In other words, ETA analyzes encrypted traffic by deeply inspecting data features through passive monitoring, without affecting the privacy of legitimate data. It decrypts or blocks the suspicious data flow with Cisco’s intent based networking.
The security provided by ETA, perfectly complements the privacy of the organizational data. Along with the ability to detect malware, ETA can also enable cryptographic compliance. It not only covers computers and laptops with Windows and MacOS, but also the internet of things (IoT) and mobile devices.
ETA was available for Cisco’s campus switches, Catalyst 9300, and Catalyst 9400 since June last year. With the general availability, it has now been extended to new routing platforms across the branch, WAN, and the cloud.
The new routing platforms include:
- Integrated Services Router (ISR): 4000 Series, the new 1000 Series, ISRv on ENCS 5000 series
- Aggregation Services Router (ASR) 1000 series
- Cloud Services Router (CSR) 1000V
Encrypted Traffic Analytics is now generally available to all Cisco customers.